I finally got it to work.
However, when I do the debug, I don't see the attribute being sent back to the Controller.
I have captured a Failed Authentication and a Successful Authentication as well.
On the Failed Authentication, I see their Radius Server successfully authenticating the User, but an attribute was not sent which should make the Controller deny access.
Also on the Successful Authentication, I see their Radius Server successfully authenticating the User, but an attribute was also not sent which should make the Controller deny access. But it assigned the User the appropriate "root" role.
So, for sure, the Controller is getting something for it to be able to differentiate both Users, but I don't see it. Any ideas?
Successful Authentication:
(ArubaControllerA-7240) #show log security 50 | include balbir
Aug 23 08:45:35 :124546: <DBUG> |authmgr| aal_authenticate user:balbirghori vpnflags:0.
Aug 23 08:45:35 :124004: <DBUG> |authmgr| Select server for method=Management, user=balbirghori, essid=<>, server-group=Trent-RADIUS, last_srv <>
Aug 23 08:45:35 :124038: <INFO> |authmgr| Selected server Internal for method=Management; user=balbirghori, essid=<>, domain=<>, server-group=Trent-RADIUS
Aug 23 08:45:35 :133019: <ERRS> |localdb| User balbirghori was not found in the database
Aug 23 08:45:35 :133006: <ERRS> |localdb| User balbirghori Failed Authentication
Aug 23 08:45:35 :124004: <DBUG> |authmgr| Local DB auth failed for user balbirghori, error (User not found in UserDB)
Aug 23 08:45:35 :124064: <NOTI> |authmgr| Administrative User result=Authentication failed(1), method=Management, username=balbirghori IP=209.42.110.6 auth server=Internal
Aug 23 08:45:35 :124004: <DBUG> |authmgr| Select server for method=Management, user=balbirghori, essid=<>, server-group=Trent-RADIUS, last_srv Internal
Aug 23 08:45:35 :124038: <INFO> |authmgr| Selected server RADIUS for method=Management; user=balbirghori, essid=<>, domain=<>, server-group=Trent-RADIUS
Aug 23 08:45:35 :121031: <DBUG> |authmgr| |aaa| [rc_api.c:382] Radius authenticate user (balbirghori) PAP using server RADIUS
Aug 23 08:45:35 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:1224] User-Name: balbirghori
Aug 23 08:45:36 :124066: <INFO> |authmgr| Administrative User result=Authentication Successful(0), method=Management, username=balbirghori IP=209.42.110.6 auth server=RADIUS
Aug 23 08:45:36 :124004: <DBUG> |authmgr| match_rule Value Pair to match User-Name : balbirghori
Aug 23 08:45:36 :124025: <NOTI> |authmgr| Administrative user 'balbirghori' authenticated successfully (role=root, privileged=0)
(ArubaControllerA-7240) #