LDAP Servers in SPS

I am attempting to configure the LDAP Servers in SPS to create a new "content policy" where i want to apply it on a active directory group. If a user is in the group cannot digit a specific command and if a user is not in the group can digit a specific command. I configured this sections but doesn't work: policy --> LDAP Servers, policies --> Content policy, SSH Control --> connections and SSH Control --> Channel policy

if there is a possibility to attach some picture i can show all the configurations

thank you very much.