We have been asked to extend an exiting wireless network utilising an ACS 1200 appliance for PEAP MSCHAPv2. The ACS is currently configured to check a single security group for membership and then grant/deny access.
The customer has supplied 26 OUs across their AD that they would like all members of to be granted access. Is there an easy, or relatively easy, way to configure this?
I thought of using shadow groups with a PowerShell script to update the shadow groups but as my customer is a large multi-national running this type of script would not be acceptable. Is this what you were thinking or is there a better way to add the OUs a a Wireless group?