Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
367
Views
0
Helpful
0
Replies

ISE Device Configuration Deployment account not updating

BenLora79498
Level 1
Level 1

‎01-14-2022 01:45 PM - last edited on ‎03-09-2022 11:21 PM by Community Manager

Hello everyone,

 

NOTE: This is a new deployment of DNAC into an already existing network.

 

So here is the scenario. The network device is using local authentication for SSH access. The DNA center has been integrated into Cisco ISE. DNAC has been configured to enable TACACS once the device has been provisioned.  We have configured DNAC with both the local admin account password and the new TACACS account. 

 

So in order to onboard the switch, the current local account is used. When the switch is provisioned with the TACACS the local account no longer works. We then have to push down the TACACS password to the newly added switch. This works fine. However, ISE does not update the switch device configuration deployment password (View Image Below) with the TACACS account. It keeps the original local admin account instead of changing it to the TACACS account. 

 

NOTE: The local admin account and the TACACS account have different names

 

If the account/password is not updated this will prevent the deployment of TrustSec, as the switch will not get STG updates from ISE.  Any ideas on how we can have ISE update the password to the TACACS account? Or perhaps we are going about this the wrong way... 

2022-01-14_16-07-38.png

 

 

Thank you in advance for your assistance. 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents