Is it possible to implement the following scenario using Aruba Controller and Microsoft NPS.
I would like to use one SSID and put users to a different vlan using their AD Group membership. I know this is working I have tested it, but what if we have multiple buildings and they are using different VLAN IDs?
For example
Building 1
AD Group Sales --> VLAN ID 10
AD Group Engineer --> VLAN ID 11
AD Group Marketing --> VLAN 12
Building 2
AD Group Sales --> VLAN ID 20
AD Group Engineer --> VLAN ID 21
AD Group Marketing --> VLAN 22
and so on.
What is the best way to separate buildings in this configuration? Is it possible to use for example AP Group as NAS Identifier or something similar? Then I could create specific rule in NPS.
Is this possible?