Hello,
Under the authorization rules page, on the bottom right, you should have a "Customize" button.
This will pop-up a window to select additional conditions/results to be added to your rule. There you should be able to select AD1:ExternalGroups or AD1:memberOf (see attachment) to enforce command sets according to the AD a group a user is belonging to.
Let me know if this is what you were looking for,
Fede
--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.