https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/3705174#M39136 <P>does this work? I have read there is no read only account that can be done with ISE.</P> Tue, 11 Sep 2018 21:18:49 GMT Steven Williams 2018-09-11T21:18:49Z https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/2916964#M39134 <P>Hi Team,</P> <P></P> <P>As per my network team, we can't create a read only account in ISE server to access all registered node? Is it true?</P> Mon, 11 Mar 2019 06:55:19 GMT https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/2916964#M39134 wajid_dabir 2019-03-11T06:55:19Z https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/2916965#M39135 <P><SPAN>wajid_dabir,</SPAN></P> <P><SPAN></SPAN></P> <P><SPAN>Try this.</SPAN></P> <P><SPAN>Administration&gt;System&gt;Admin Access&gt;Administrators&gt;Admin Groups&gt;If it's an External Group like Active Directory, click the <STRONG>"+"</STRONG><SPAN> sign,&nbsp;</SPAN>select the AD security group of the users&nbsp;<STRONG>OR&nbsp;</STRONG>if it's internal users, under&nbsp;<STRONG>Member Users&nbsp;</STRONG>add the user.</SPAN></P> <P><SPAN></SPAN></P> <P>In Administration&gt;System&gt;Admin Access&gt;Authentication&gt;Identity Source:<STRONG>Select your choice(AD Group or Internal)</STRONG></P> <P><STRONG></STRONG>Authorization&gt;Permissions&gt;Menu Access&gt;Click the checkbox of Menu Access that's closest to your requirement for read access&gt;Select Duplicate&gt;Rename the duplicate&nbsp;<STRONG>OR&nbsp;</STRONG>you may duplicate a Menu Access that has a higher level of Menu Access&gt;Rename the duplicate&gt;Click the renamed Menu Access&gt;Edit it which are to be shown and hidden.</P> <P></P> <P><SPAN>Authorization&gt;Permissions&gt;Data Access&gt;Click the checkbox of Data Access that's closest to your requirement for read access&gt;Select Duplicate&gt;Rename the duplicate&nbsp;</SPAN><STRONG>OR&nbsp;</STRONG><SPAN>you may duplicate a Data Access that has a higher level of Data Access&gt;Rename the duplicate&gt;Click the renamed Data Access&gt;Edit it which are to be shown and hidden.</SPAN></P> <P><SPAN></SPAN></P> <P><SPAN>Authorization&gt;Permissions&gt;Policy&gt;Click&nbsp;<STRONG>Actions&nbsp;</STRONG>of any Rule Name&gt;Duplicate&gt;Rename the duplicate&gt;If=click the <STRONG>"+"</STRONG> sign, select the user group(Internal or AD)&gt;then=click the <STRONG>"+"</STRONG><SPAN> sign, select the Menu and Data Access that you have created above&gt;Save&gt;Test it.</SPAN></SPAN></P> <P></P> <P>HTH.</P> <P></P> <P>***Please rate and mark the comment correct if you find it helpful.Thanks***</P> Fri, 15 Jul 2016 02:00:54 GMT https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/2916965#M39135 agapitca19 2016-07-15T02:00:54Z https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/3705174#M39136 <P>does this work? I have read there is no read only account that can be done with ISE.</P> Tue, 11 Sep 2018 21:18:49 GMT https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/3705174#M39136 Steven Williams 2018-09-11T21:18:49Z https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/3705844#M39137 <P>Please see this earlier community post that will give you information how to use this feature.</P> <P><A href="https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124" target="_blank">https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124</A></P> <P>&nbsp;</P> <P>-Krishnan</P> Wed, 12 Sep 2018 20:15:06 GMT https://community.cisco.com/t5/network-access-control/read-only-acceess-account-creation-on-ise/m-p/3705844#M39137 kthiruve 2018-09-12T20:15:06Z