The current LdapLoginModule has a simple schema that in general does not map to enterprise schemas. There is a jira task to generalize it to be more flexible:
If you have patches that achieve this add them to that task.
Somebody working with jBPM (not for jBPM) started developing a more flexible ldap module. It can be found in the jBPM cvs http://cvs.sourceforge.net/viewcvs.py/jbpm/ldap4jbpm/
There are issues, code needs some cleaning up, but it is a start. Initially it should become a generic 'group/role/user/...' interface but it turned out the more of a JBoss LDAP login module.
jBPM Forum coordinator
Thanks for the feedback.