First time working with an ASA and LDAP. We're trying to require users to be part of a vpnusers group in a Sun One 5.2 directory. The ASA config examples all seem to assume that group membership values are assigned to the user object in LDAP. It's not the case in our Sun LDAP. Groups are separate objects with the members defined in the group object with "uniquemember". Determining group membership requires a query of the group for the uid or dn of the user to see if they're a member. I can't find any examples of the ASA working with this.
I have this problem too.