Shawn, Ran into an issue yesterday where a role name had parenthesis in the name, and this messed up the fortress ldap filter when getting permissions for a user through the access manager. It appears filter params aren't being property escaped. Not sure if it is specific to this case or is present in other places as well. Thoughts?
~Chris
