I am trying to setup FDS to handle the bulk of authentication for my company. I have been able to sucessfully authenticate users from windows against fds using pgina with the ldapauth plugin. However, I need to be able to restrict access to certain devices based on presumably, group membership, and also grant adminstrator rights in windows for specific users in fds based on their group membership. From what I have been reading, the ldapauth plugin for pgina requires the attribute "groupMembership" to exist and be appropriately populated. I have not been able to figure out how to add this attribute to my user nor find any other way to do any access control in windows.