Just wanted to understand how the UAC authentication flow happens, in case of single sign on ( user's loging in the active directory login screen, UAC validates user based on the same credentials), and can we define AD group policy based profiles based on which VLAN assignments can be done. thanks for the help...
Yes, you can assign policies based on AD group on the IC. The OAC will get the info from the UAC and will move the the VLAN based on policies.
On the realm that's you've setup for AD authentication create multiple roles. You can create different role mappings for each based on group membership. You can then assign VLANS to those individual roles.