So if you are using trusted ports (no authentication), you would do the following:
1) create a switching-profile for the VLAN:
interface-profile switching-profile "VLAN100-DATA"
access-vlan 100
!
2) create an interface-group containing the switchports you'd like to have this configuration
interface-group gigabitethernet "TRUSTED-GROUP-1"
apply-to 0/0/0,0/0/2,0/0/4,0/0/6,0/0/8,0/0/10
lldp-profile "LLDP-PROF-1"
poe-profile "POE-PROFILE-1"
switching-profile "VLAN100-DATA"
!
For untrusted ports (authentication and user-roles), you attach the VLAN to the user-role. There is a bit more setup with this as you need to setup authentication servers.
Create a user-role and attach a VLAN to the user-role:
user-role MEDIA-PLAYER
vlan 200
access-list stateless mDNS-AirGroup
access-list stateless DLNA-AirGroup
access-list stateless allowall-stateless
!
Create an interface-group containing the switchports you'd like to have this configuration. This interface-group will have more configuration because of authentication.
interface-group gigabitethernet "UNTRUSTED-GROUP-1"
apply-to 0/0/1,0/0/3,0/0/5,0/0/7,0/0/9,0/0/11
lldp-profile "LLDP-PROF-1"
poe-profile "POE-PROFILE-1"
aaa-profile "UNTRUSTED-AAA-1"
no trusted port
!