Create Condition: Windows Groups

Create a condition specifying a Windows group to add flexibility to policy management.

  1. Select Add to add a condition.
  2. Select Windows Groups and Select Add.
  3. Select Add Groups.
    The Select Group dialog opens.
    Click to expand in new window
    Select Group
  4. Type Group as the object type.
  5. Specify the location.
  6. Enter the name of the group. This name must match a configured Active Directory group. You may be prompted to specify the Active Directory Windows group that the group corresponds to.
  7. Select OK.
  8. On the Specify Access Permission screen, specify the level of access permission and select Next.
  9. On the Configure Authentication Methods screen, select Add and select one or more EAP methods. Then, select OK.
    Click to expand in new window
    Configure Authentication Methods
  10. Select Next.
  11. Configure the Idle Timeout and select Next.
  12. Configure the Radius Attributes. As an example, you can set the Filter-Id attribute to a wireless controller role. This will override the default role. The following procedure illustrates how to set the Filter-Id:
  13. Select Add, select the Filter-Id attribute.
  14. Select Add.
  15. Select Add again and type the attribute name. The Attribute name is case sensitive and must match the Role on the wireless controller.
    Click to expand in new window
    Attribute Information
  16. Select OK.
  17. Select Close to close the RADIUS Attribute dialog.
  18. Select Next.
    Click to expand in new window
    Completing New Network Policy
  19. Select Finish.
9038115-00 Rev. AA