Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2316
Views
5
Helpful
5
Replies

Cisco ISE cli user creation

NeWGuy1109
Level 1
Level 1

‎01-18-2022 09:13 AM

I am using Cisco ISE 3.0 Patch 4 in a Primary Secondary Configuration.. facing a weird issue where when i am trying to create admin users in CLI via command 

#username testuser password hash S0ftware@121 role admin 

 

after creating this testuser when i tried to view show running-config.. i can see user is created but the password is not hashed out.. moreover i am unable to login via this user in CLI.. i tried creating other users as well but without any success

 

how can i resolve this.. any help is appreciated.

2 people had this problem
Labels:
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎01-18-2022 09:26 AM

try below syntax plain :

 

username username password hash | plain {password} role admin | user email {email-address}

 

ise/admin(config)# username admin password plain Secr3tp@swd role admin

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

NeWGuy1109
Level 1
Level 1
In response to balaji.bandi

‎01-19-2022 03:38 AM

Thanks for the reply..

 

i tried it in plain.. now i can see the password hashed out in show config..

however i am unable to login with the same password.. i tried creating several users but none can login with the defined password

0 Helpful

LaurenCoulcher
Level 1
Level 1

‎10-06-2022 03:27 AM

I'm running version 3.0 patch 6 and seeing the same issue.

Created and tested a couple of different CLI admin accounts and found that I was unable to log into any of them, exactly the same as @NeWGuy1109 describes. Was there a solution to this?

 

0 Helpful

kenmanner
Level 1
Level 1

‎08-01-2023 11:10 AM

Same issue here. Running: 3.1.0.518

0 Helpful

timmeadowsjr
Level 1
Level 1

‎09-07-2023 08:34 AM

I found something that worked for me in 3.3

1. remove the username in cli if it is already created

#no username xxx password hash yyy role zzz

2. add the username again using plain instead of hash

#username xxx password plain yyy role zzz

3. end cli session

4. log into ISE GUI

5. backup config and operational backups  

  • Administration / System / Backup & Restore / Backup & Restore

6. log back into cli 

7. show running-config | inc username

8. see if username now has password encrypted

9.  If password is encrypted log out of cli

10.  attempt to log into cli using new username

 

hope this helps

 

 

0 Helpful
Customers Also Viewed These Support Documents
Top