I've helped customers set it up and yes, it does work. Basically you can assign attributes to users from your LDAP database, these override what is set on the concentrator. You don't have to define every attribute, so don't go and create this huge LDAP schema, only define the attributes you want to define via LDAP specifically and that should be enough.
You'll end up with something like this under a user profile:
CVPN3000-Access-Hours: Corporate_time
cVPN3000-Simultaneous-Logins: 2
cVPN3000-IPSec-Over-UDP: TRUE
CVPN3000-IPSec-Over-UDP-Port: 12125
cVPN3000-IPSec-Banner1: Welcome to the XYZ Corporation!!!
cVPN3000-Primary-DNS: 10.10.4.5
CVPN3000-Secondary-DNS: 10.11.12.7
CVPN3000-Primary-WINS: 10.20.1.44
CVPN3000-SEP-Card-Assignment: 1
CVPN3000-IPSec-Tunnel-Type: 2
CVPN3000-Tunneling-Protocols: 7
cVPN3000-Confidence-Interval: 300
cVPN3000-IPSec-Allow-Passwd-Store: TRUE
objectClass: cVPN3000-User-Authorization
The object class must be called "cVPN3000-User-Authorization" at the moment, it may be able to be changed in later code releases but for now it has to be that.
A good way to start off is just define the following:
cVPN3000-IPSec-Banner1: Hi there
and if the user gets that when they login then you know your database is set up OK. After that it's just a matter of adding in whatever other attributes you want, they're all listed in the URL you posted initially.