I responded to that post to help clarify. Both George and Tim (other post) are correct. Do not confuse the limitations of ISE-PIC with full blown ISE. ISE can publish login info for both Passive ID and active auth from guests and users that login via AD credentials.
Note that use of AD credentials for network login does not equate to an AD login event. For example, I can login using PEAP with AD credentials without triggering an AD login event. AD login is what occurs when you enter credentials at CTRL-ALT-DEL, or perform specific access request to AD then entails AD login privileges. Therefore, do not expect Passive ID event to be present if simply using AD credentials for network logon.
RADIUS auth is considered Active auth. Passive ID is Passive auth.
ISE supports both. ISE-PIC supports passive only.
On a side note, it is possible for ISE to combine both active auth with passive auth, for example, assign access based on successful 802.1X machine auth via ISE + successful user AD login outside of ISE. I call this Easy Connect Chaining, or EZC Chaining.
/Craig