A group filter was created in EEM, but all LDAP users are displayed in the "Manage Identities" tab.
AutoSys Workload Automation
Filters to restrict what users can be shown via Manage Identities is controlled by the The top section "User Lookup" has a "User Search Filter" in EEM -> Configure -> User Store -> LDAP Attribute Mapping -> Mapping name -> <your custom map>
The lower part of the window "Group Attribute Mapping" has a "Group Search Filter" that is where you would filter the groups, not users, seen by EEM.
Above screenshot shows user search filter restriction where objectclass is user and not computer. It can be further expaned to show only users that are members of a specific Administrators's group.(&(objectClass=user)(!(objectClass=computer))(memberOf=CN=Administrators,CN=Builtin,DC=example,DC=com))
An example of a Group filter restricting the groups seen by EEM to only ones that start with abc, dev or autosys:
(&(objectClass=group)(|(sAMAccountName=abc*)(sAMAccountName=dev*)(sAMAccountName=autosys*)))
Work with LDAP admin to get an LDIF of a user to confirm how their attributes are defined. This help setup up of the filters above.