A standard Zentyal 3.2 installation has lots of "internal" groups - I guess for Active Directory compatibility.
Unfortunately, those sort of mess up the Jabber roster.
To change settings, first create a custom template by copying /usr/share/zentyal/stubs/jabber/ejabberd.cfg.mas to /etc/zentyal/stubs/jabber/ejabberd.cfg.mas
Then edit the following section, altering the ldap_rfilter and ldap_gfilter lines:
% if ($sharedroster) {
{mod_shared_roster_ldap, [
{ldap_filter, ""},
{ldap_rfilter, "(&(objectClass=posixGroup)(!(internal=1)))"},
{ldap_gfilter, "(&(objectClass=posixGroup)(cn=%g)(!(internal=1)))"},
{ldap_ufilter, "(&(uid=%u)(objectClass=userJabberAccount))"},
{ldap_groupattr, "cn"},
{ldap_groupdesc, "description"},
{ldap_memberattr, "member"},
{ldap_memberattr_format, "uid=%u,<% $usersDn %>"},
{ldap_useruid, "uid"},
{ldap_userdesc, "cn"}
]},
To make the changes effective, recreate the config files from the template and restart the jabber service:
sudo /etc/init.d/zentyal jabber restart
Works like a charm for me and the Zarafa Webapp Chat windows is no longer clogged with groups that should be hidden.