Radius mac filter exceptions



I’ve a cisco wlc with 2 ssid’s going to ucs for radius auth.
lets’ call them ‘no-mac-auth’ and ‘mac-auth’.

now we want to add mac filtering to radius via radius/mac/whitelisting to the ‘mac-auth’ network but for ‘no-mac-auth’ network also radius auth but without mac filter - only user/pass.

I’ve already tried to add a ucr registry policy with radius/mac/whitelisting: false on a ldap ou container but it seems the radius/mac/whitelisting is a global parameter and has no effect anywhere else.

Is this scenario even possible with ucs ?