If your company standardizes on a given wireless NIC, you might be able to institute a MAC filter.
If you're using WPA with server-based authentication, you can usually install a policy (i.e., with Microsoft IAS, RRAS, and the user account, you can disable wireless logins by checking / unchecking the "Dial-in" attribute).
Are you using ACS, Microsoft, or freeRADIUS (or other RADIUS server)?
WPA is more of an encrytion thing, which authentication scheme are you using (WPA-PSK, LEAP, PEAP, EAP-TLS, EAP-TTLS, MD5 ...)?
IF you're using Microsoft-based authentication platforms, Microsoft has some pretty good white papers / step-by-step info on setting up their systems.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...