Having some problems getting the role mapping to work with LDAP. The Authentication Servers tests ok, but I assume that is just testing the port and username/password combo. Our LDAP structure doesn't have a lot of depth in OU's and we go from ou=people, o=company.com and we have our UID under the people OU. What I'm trying to do is role-map based on EmployeeType attribute inside the UID, not on a group. Here are my AuthServer settings and my attribute settings inside the User Realm Auth Server. Base DN: ou=people,o=cadence.com Filter: cn=uid UserRealm Attribute: employeeType is * We're actually using a RADIUS for authentication and LDAP for Directory (which I've put as the Directory lookup in UserRealm settings), once we get past the Radius authentication, the trace shows that the user is denied because "NoRoles" have been applied. I think this is just an issue with my BaseDN or something. Any help is appreciated. Mike
... View more