Create Condition: Windows Groups
Create a condition specifying a Windows group to add
flexibility to policy management.
-
Click Add to add a condition.
-
Select Windows Groups and
click Add.
-
Click Add Groups.
The
Select Groups dialog appears.
-
Type Group as the object type.
-
Specify the location.
-
Enter the name of the group. This name must match a configured Active Directory
group. You may be prompted to specify the Active Directory Windows group that
the group corresponds to.
-
Click OK.
-
On the Specify Access Permission
screen, specify the level of access permission and click Next.
-
On the Configure Authentication
Methods screen, click Add and select one or more
EAP methods. Then, click OK.
Configure Authentication Methods
-
Click Next.
-
Configure the Idle Timeout and click Next.
-
Configure the Radius Attributes. As an example,
you can set the Filter-Id attribute to a wireless controller role. This will
override the default role. The following procedure illustrates how to set the
Filter-Id:
-
Click Add, select the Filter-Id
attribute.
-
Click Add.
-
Click Add again and type the
attribute name. The Attribute name is case sensitive and must match the Role on
the wireless controller.
-
Click OK.
-
Click Close to close the RADIUS
Attribute dialog.
-
Click Next.
Completing New Network Policy
-
Click Finish.