Hi Itmar,
In ACS 5 you need to define Authorization profiles where you will include the VSAs you want for that specific profile.
Then, on the Authorization part of the Access Services you can create rules/conditions that the user must match and select the Authorization Profile you created to be applied to that user. These attributes contained on the Authorization Profile will be sent on the Access-Accept packet.
Hope this helps.
Thanks,
Tiago