Create Condition: Windows Groups

Create a condition specifying a Windows group to add flexibility to policy management.

  1. Click Add to add a condition.
  2. Select Windows Groups and click Add.
  3. Click Add Groups.
    The Select Groups dialog appears.
    Click to expand in new window
    Select Group
    Graphics/Select_Group.png
  4. Type Group as the object type.
  5. Specify the location.
  6. Enter the name of the group. This name must match a configured Active Directory group. You may be prompted to specify the Active Directory Windows group that the group corresponds to.
  7. Click OK.
  8. On the Specify Access Permission screen, specify the level of access permission and click Next.
  9. On the Configure Authentication Methods screen, click Add and select one or more EAP methods. Then, click OK.
    Click to expand in new window
    Configure Authentication Methods
    Graphics/network_authentication_methods.png
  10. Click Next.
  11. Configure the Idle Timeout and click Next.
  12. Configure the Radius Attributes. As an example, you can set the Filter-Id attribute to a wireless controller role. This will override the default role. The following procedure illustrates how to set the Filter-Id:
  13. Click Add, select the Filter-Id attribute.
  14. Click Add.
  15. Click Add again and type the attribute name. The Attribute name is case sensitive and must match the Role on the wireless controller.
    Click to expand in new window
    Attribute Information
    Graphics/New_attribute_information.png
  16. Click OK.
  17. Click Close to close the RADIUS Attribute dialog.
  18. Click Next.
    Click to expand in new window
    Completing New Network Policy
    Graphics/Completed_Network_Policy.png
  19. Click Finish.