I am trying to setup group mapping on ACS 4.2/Windows for group mapping as shown below.
ACS--->Ext db--->Group mapping--->windows--->choose domain---> add mapping----> choose NT group and pick one acs group-->submit.
Wireless LAN users --> members of "WLAN group" in Active Driectory --> Mapped to "Group 05" in ACS
Network Administrators --> memmbers of "Network" group in Active Driectory --> Mapped to "Group 10" in ACS
Remote Access VPN users--> No mapping defined.
Now how should I proceed further? I want only the members of Network Admin to manage the network devices and similarly only the members of WLAN can use wireless LAN. Where can I specify this restriction?