DNIS - called station ID
DNIS can be used in Cisco ACS as an attribute to authenticate wireless users based on the "called station."
To configure this you must have an ACS server configured as your RADIUS authentication server on your WLC. In the SSID you wish to use you must set authentications as 802.1x, all AAA overide, and have the ACS server selected as the RADIUS server. In the ACS server you must have the called station (SSID) assigned to the AD or local user group in order for users to be authenticated.
For a more detailed look, refer to this document:
Restrict WLAN Access based on SSID
