Your comments

I have no update for you, but I am using the workaround, and in the config, there is a "UserInfoRoleNamePath" field that is configured by default to use AD attribute 'department' but it looks like you could change that to use any AD attribute.

Enabling this method is also an addition, so your users will still be able to log in with existing local accounts. It adds a new login button that you also name.

Changing that department config may work for you, but I have not tested this.
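As an added illustration (this is not code from the thread, nor from the product being discussed, whose actual config semantics the comment does not describe): a small Python resolver showing what a "role name path" lookup over an OIDC userinfo/claims document typically does, and the two cases worth checking before changing the attribute from `department` to something else: the attribute being absent or empty for a user, and the attribute being multi-valued (for example `memberOf`). The sample userinfo documents, the dotted-path syntax and the `normalize` hook are constructed assumptions for this example.

```python
# Constructed sample userinfo responses. Assumption: the IdP exposes AD
# attributes as flat claims; real claim names depend on the provider mapping.
SAMPLE_USERINFO = {
    "alice": {
        "sub": "alice",
        "department": "Engineering",
        "memberOf": [
            "CN=Admins,OU=Groups,DC=example,DC=com",
            "CN=Devs,OU=Groups,DC=example,DC=com",
        ],
    },
    # bob has no 'department' attribute at all
    "bob": {"sub": "bob", "memberOf": ["CN=Devs,OU=Groups,DC=example,DC=com"]},
    # carol has the attribute but it is empty
    "carol": {"sub": "carol", "department": ""},
}


def lookup_path(doc, path):
    """Resolve a dotted path such as 'department' or 'custom.role' in a claims
    dict (hypothetical path syntax). Returns None if any segment is missing."""
    cur = doc
    for seg in path.split("."):
        if not isinstance(cur, dict) or seg not in cur:
            return None
        cur = cur[seg]
    return cur


def cn_of(dn):
    """Extract the CN from an LDAP DN like 'CN=Admins,OU=Groups,DC=example,DC=com'.
    Used as a normalizer when the role attribute is a list of group DNs."""
    for part in dn.split(","):
        key, _, value = part.partition("=")
        if key.strip().upper() == "CN":
            return value.strip()
    return None


def resolve_roles(userinfo, role_name_path, allowed_roles, normalize=lambda v: v):
    """Return the set of roles granted to this user.

    - Missing or empty attribute -> no roles: a user must not silently fall
      into a default role because the attribute was not populated in AD.
    - Multi-valued attribute (e.g. memberOf) -> every value is considered.
    - Values are normalized, then matched exactly against an allow-list, so an
      attribute containing free text cannot match a role by substring.
    """
    value = lookup_path(userinfo, role_name_path)
    if value is None:
        return set()
    values = value if isinstance(value, list) else [value]
    roles = set()
    for v in values:
        if not isinstance(v, str) or not v.strip():
            continue
        role = normalize(v)
        if role in allowed_roles:
            roles.add(role)
    return roles


if __name__ == "__main__":
    for user, info in SAMPLE_USERINFO.items():
        by_dept = resolve_roles(info, "department", {"Engineering", "Sales"})
        by_group = resolve_roles(info, "memberOf", {"Admins"}, normalize=cn_of)
        print(f"{user}: department-> {by_dept or '{}'} memberOf-> {by_group or '{}'}")
```

The practical point of the two failure cases: before switching the configured attribute, check that every user who should be able to log in actually has that attribute populated, and decide explicitly what should happen when it is missing. With an allow-list and "missing means no role", a misconfiguration fails closed rather than granting access.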