12-14-2018 09:00 AM
I have created a new Policy for admin access. It references a Group in AD, I am able to login with out issues and have access to all menu's but I don't have access to some of the Data. For example I don't see any of the Endpoint or User Identity Groups. I have configured the policy for both Super Admin Menu and Data access, see image.
What am I missing?
Thanks,
Joe
Solved! Go to Solution.
12-16-2018 07:29 PM
CSCvd28829 is addressed in ISE 2.2 Patch 2 or above and ISE 2.3 FCS. Joe could run into it, if his setup just upgraded to ISE 2.2 and not yet patched to the latest.
12-15-2018 07:10 PM
You may map AD groups to the built-in admin groups (see the attached screenshot), instead of creating new ones, although what you configured should have worked, too. Please engage Cisco TAC to troubleshoot.
12-15-2018 09:47 PM
12-16-2018 05:30 PM - edited 12-16-2018 05:30 PM
If an admin user matched to multiple ISE admin groups, then it could be either CSCvd20214 or CSCvk10156.
12-16-2018 06:54 PM - last edited on 12-16-2018 07:24 PM by hslai
12-16-2018 07:29 PM
CSCvd28829 is addressed in ISE 2.2 Patch 2 or above and ISE 2.3 FCS. Joe could run into it, if his setup just upgraded to ISE 2.2 and not yet patched to the latest.
12-21-2018 04:36 PM
This is a fresh install of 2.4.
12-21-2018 07:24 PM
Please try what I gave in my first response to your post. If that not helping, open a Cisco TAC support case and troubleshoot further.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide