Possibly. In your additional authentication setup on the realm you would need to change <USER> to
userAttr.<auth-attr>. <auth-attr> being whatever AD/LDAP attribute you wanted to use. Make sure the attribute you want to use is in the server catalog. A Policy Trace will show what values are being retrieved.