...
With this method, the LDAP administrator defines the montieran attribute, for example DPOD_role attribute, at the user directory entry level that contains the role name of that user.
Multiple roles are assigned using several instances of the attribute in the user entry.
The attribute must be defined in the user class LDAP schema.
...
An administrator user named "john" (CN=john) has the attribute "montierDPOD_role=DPODAdminOpDashAdminRole".
Scenario B - Define Roles as attributes on the group directory entry
...
An administrator user named "john" (CN=john) belongs to a group named "DPODAdminOpDashAdminRole" (CN=MonTierAdminOpDashAdminRole)
Example 3 (custom attribute):
An administrator user named "john" (CN=john) belongs to a group named "DPAdmins" that has the attribute "montierDPOD_role=DPODAdminOpDashAdminRole".