Is it possible to map authenticated users to a specific group within active directory. Explaing the scenario might help support this question.
I have a Cisco Secure ACS Radius server, that services clients other than LEAP authentication. I don't want any client that has an active directory account be able to authenticate via LEAP. As it stands, this is how it is setup. I would like to create a group in Active Directory and use a group mapping from Cisco Secure to Active Directory that would allow only users in that Active Directory group the ability to authenticate via LEAP. If the wireless user was not a member of the specific Active Directory group, then they would be denied access to the wireless network. Hopefully, I explained this well enough.