The goal here is to give Admin access and limited access to AD users base on their credential by using clearpass RADIUS based authentication for Windows server's login.
Its the same concept like for any other NAD devices (i.e. switches, routers, linux servers etc.)