I have a MOSS 2007 test server setup and have configured Forms Based Authentication on Internet site (just an extension of the main portal site) that authenticates via an LDAP Active Directory server. Most of it works. I can import profiles from the LDAP provider and LDAP users can authenticate to the FBA URL.
The problem I'm running into is with LDAP groups and the Role provider. If I add an LDAP users to a Sharepoint permissions group directly, he can log in and access the site with no problems. However, if I instead add a Group from LDAP (which People Picker finds just fine) then members of that group can authenticate, but get the "Access Denied" page for the portal.
Error Access Denied
|You are currently signed in as: esmu
The relevant portions of my web.config (I have entered these into the web.config for the main portal site, the extended site for forms based authentication, and the Central Management server site (making the required change for the default role provider for the central management site): i follow these steps: