Duc Nguyen,
You have two choices:
(1) You can force all devices that mac authenticate successfully to have the "Mac Authentication Default role" that is configured in the mac authentication profile
(2) You can have all devices take the role that is configured next to the device in the internal database.
The Server Rules of your mac authentication server group determines this:
If you remove the server rule, you will have scenario 1, where the device is assigned the Mac Authentication default role.
If you keep the server rule, you will have scenario 2, where the device will b assigned the role configured next to the device in the internal database. I hope this helps.