I have 2 4404 WLCs with WCS. I have a WLAN set up to authenticate to a MS IAS Radius server. Users are authenticated using their Active Directory username. I want to set up multiple WLANs and restrict which user can connect to which WLAN, or I can also set up one WLAN but I want to assign an IP address or VLAN dependent on the username. Right now I have 2 WLANs set up using IAS for authentication. In IAS we set up 2 different profiles and each has a different AD group associated to it. Users in both groups can connect to either WLAN. I want particular users to be assigned IP addresses from a specific network. How can I separate this out so that multiple groups of users get different IP addresses?