The nsrole attribute is a special feature of Sun ONE LDAP, which is used to represent the role of a user.
Use the following configuration for Sun ONE LDAP with the nsrole attribute used in a group and user relationship.
<config:ldapEntityTypes name="Group"> <config:objectClasses>ldapsubentry</config:objectClasses> </config:ldapEntityTypes> ... <config:groupConfiguration> <config:membershipAttribute name="nsRole" scope="direct"/> </config:groupConfiguration> ... </config:attributeConfiguration>