Hi,
This seems like the perfect use case for the UAM BYOD configuration.
Users can login on BYOD registration page (using their corporate LDAP AD account), that will register their device and they will be allowed access (using e.g. mac-auth) to the network.
Wireless and wired access can be used.
Best regards,Peter.