RESOLVED
You can restrict SonarQube access based on a specific LDAP/AD group membership by restricting the user-filter option on the ldap.user.request:
ldap.user.request=(&(objectClass=user)(sAMAccountName={login})(memberOf=CN=ldap-group,OU=groups,DC=example,DC=com))