Thanks for the reply Peter :) unfortunately it does not seem to work.
I got a tip to use DEBUG on org.jboss.security but I can't find any errors in the server.log either.
Also, from what I understand, the "Roles" concept in the spec is meant as an abstraction, and the mapping of Roles to Users/Groups is up to the container, so that the Role is independent from whatever authentication method is used. So I need to a way to say that the Role "JBossAdmin" maps to a set of users/groups in the ldap?
I also tried setting my security domain in jboss-web.xml for the admin-console, but it does not seem to affect anything, I can still login with admin/admin? But I am trying to focus on jmx-console since at least there admin/admin does not work now, so at least something's changed :)
Stian