I'm not aware of such option on the WLC. Maybe there is an option directly on the ISE, that it configures it to (blindly) accept all clients. The ISE controls the access and the WLC is just doing what the ISE tells it to do.
With WPA2-Enterprise SSIDs encryption keys are negotiated between ISE and client. These keys are needed for encryption. Or instead of WPA2-Enterprise you use a completely open and unencrypted SSID.