LDAP group DN not working properly

That is standard LDAP client configuration: you configure the DNs where you find the data, unless you want to search the whole tree. Base DN is the search base where Foreman finds user accounts. Group base DN is the search base where Foreman finds groups.

Now you have put groups into the same base DN as the user accounts, thus in your case it seems not necessary.

But if you had put your users in ou=users,… and your groups in ou=groups,… you would see why it’s necessary. Also remember that some directories are huge, thus simply using a common base DN (e.g. dc=glauth,dc=com for you) and a sub search for any directory element is very inefficient.

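The search-base scoping described in the post above, as an added example that is not part of the original thread and not Foreman's code: a small in-memory model of a subtree search showing which entries each base DN puts in scope. The directory layout, entry names and the helper functions `rdns`, `in_subtree` and `subtree_search` are constructed for illustration; only `dc=glauth,dc=com` comes from the thread.

```python
# Constructed sample directory (assumed layout): DN -> objectClass
DIRECTORY = {
    "dc=glauth,dc=com": "domain",
    "ou=users,dc=glauth,dc=com": "organizationalUnit",
    "ou=groups,dc=glauth,dc=com": "organizationalUnit",
    "cn=alice,ou=users,dc=glauth,dc=com": "posixAccount",
    "cn=bob,ou=users,dc=glauth,dc=com": "posixAccount",
    "cn=admins,ou=groups,dc=glauth,dc=com": "posixGroup",
    "cn=devs,ou=groups,dc=glauth,dc=com": "posixGroup",
}


def rdns(dn):
    """Split a DN into normalized RDN components.

    Simplified: ignores escaped commas and multi-valued RDNs.
    """
    return [part.strip().lower() for part in dn.split(",")]


def in_subtree(dn, base):
    """True if dn is the base entry itself or lies below it.

    Compares whole RDN components, not string suffixes, so
    'ou=subusers,...' is never mistaken for 'ou=users,...'.
    """
    entry, root = rdns(dn), rdns(base)
    return len(entry) >= len(root) and entry[-len(root):] == root


def subtree_search(base, object_class):
    """Return (matching DNs, number of entries the search had in scope)."""
    scope = [dn for dn in DIRECTORY if in_subtree(dn, base)]
    hits = sorted(dn for dn in scope if DIRECTORY[dn] == object_class)
    return hits, len(scope)


if __name__ == "__main__":
    users = "ou=users,dc=glauth,dc=com"
    groups = "ou=groups,dc=glauth,dc=com"
    root = "dc=glauth,dc=com"
    # Group base DN pointed at the users branch: no groups are found.
    print("groups under users base:", subtree_search(users, "posixGroup"))
    # Dedicated group base DN: both groups found, small scope.
    print("groups under groups base:", subtree_search(groups, "posixGroup"))
    # Common base DN: same groups, but every entry in the tree is in scope.
    print("groups under common base:", subtree_search(root, "posixGroup"))
```

In a real directory the scope count for the common base grows with every user, host and other object in the tree, which is the inefficiency the post refers to.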