Situation: Open SSID for Guests Sponsored Access. Either guests or Employees can authenticate on CWA.
Requirement: Once an AD:IT user is authenticated via CWA, customers wants MAC address of device be automatically added to RegisteredDevices. Goal: when the device reassociate with the Guest-Net, it will be automatically accepted on the Guest network without any further cwa. The customer doesn't want to use BYOD for its employees, and wants the AD:IT employees to remain on the Guest-Net.
Also, customer would like that, following CWA, if an AD:Employee is NOT from the IT group, then customer wants the MAC address to be put in Blacklist.
Summary: the customer wants that, for users authenticating via CWA and OU=IT, the MAC address be put in the RegisteredDevices, and that those devices when re-connecting to the Guest-Net, be automatically recognized without prompting the user for CWA, but only for users from OU=IT.
Thanks.