Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1876
Views
1
Helpful
3
Replies

WMI backend changes for Easy-Connect

Go to solution
blandrum
Cisco Employee
Cisco Employee

‎01-05-2018 11:40 AM

I have some questions from an Active Directory team about exactly what's happening "behind the scenes" when we enable Easy-Connect on an AD controller.  Previously there was a script that was run, but now it's all done from the ISE GUI and it's made them very nervous about exactly what is being sent / changed.  Can someone provide an explanation of exactly what we're doing to the AD controller when it's added in ISE as an Easy-Connect server?

1 Accepted Solution

Accepted Solutions

Go to solution
Craig Hyps
Level 10
Level 10

‎01-05-2018 02:35 PM

The requirements for Passive ID setup have not changed.  We just made it simpler than having to run through steps manually:

Cisco Identity Services Engine Administrator Guide, Release 2.3 - Manage Users and External Identity Sources [Cisco Ide…

The alternative is to run agent on DC or member server and you bypass the settings needed for remote access via DCOM, but core principles apply.

Craig

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Craig Hyps
Level 10
Level 10

‎01-05-2018 02:35 PM

The requirements for Passive ID setup have not changed.  We just made it simpler than having to run through steps manually:

Cisco Identity Services Engine Administrator Guide, Release 2.3 - Manage Users and External Identity Sources [Cisco Ide…

The alternative is to run agent on DC or member server and you bypass the settings needed for remote access via DCOM, but core principles apply.

Craig

0 Helpful

Go to solution
blandrum
Cisco Employee
Cisco Employee
In response to Craig Hyps

‎01-08-2018 05:16 AM

IRT running the agent, it can be run on any member server? I assume then it’s more of an interval based polling rather than real-time / near-time?

Brad Landrum

Systems Engineer | Cisco Systems

SNR: 1.770.236.7927

blandrum@cisco.com

https://acecloud.webex.com/meet/blandrum

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎01-06-2018 10:55 AM

Adding to what Craig said, we may still either manually configure for what required or run the script ourselves, instead of using the automation by "Configure WMI".

Running a PIC agent is a good option other than that providing PassiveID only but not yet supported for Easy Connect.

0 Helpful
Customers Also Viewed These Support Documents