You have to turn on Radius Auth under whatever you want radius authentication for. In addition, you need to return a Radius VSA to allow users to authenticate for that role:
The VSA is called “Aruba-Admin-Role” and can take one of the following values:
1) root - Default Role, Super user role, admin
2) read-only - Read only commands
3) guest-provisioning - guest user
For example, you could have radius auth for root users, but local authentication for read-only users, or radius auth for both. You just need to return the correct VSA when doing radius auth for the user that will be authenticating..