
ISE POC - Visibility Context Wizard and Passive-id Combined

kkaminsk
Cisco Employee

Hello folks,

I am running an ISE POC using only the ISE Context Visibility Wizard and this works fine. We are using all parts of the wizard, including the psexec function to look at applications running on Windows machines via AnyConnect in the background using a Windows admin account. We also used an account that is not a member of the domain admin group in AD to join the ISE node to AD. This all functions fine. We are seeing AD probe information.

 

The problem is when we try to use Passive-id to see the user information. We are connecting to the same domain controller that we are connected to normally. The user/password is the same one we are using to connect normally to AD. When we hit the test button it says the account is OK, but when we hit the Configure WMI button we get an error saying it failed and that it is unable to run the executable and iseexec cannot run.

 

Question 1:  Is Passive-id supported on the same Domain Controller that is connected normally to AD in the Context Visibility Wizard?

Question 2: Does the admin account used to connect to the Domain Controller have to be a member of the Domain Admin group?  This one is not a member but the account has WMI permissions.

 

This is only a Context Visibility wizard POC - we are doing no active authentications.

 

Thanks,

Ken

1 Reply

hslai
Cisco Employee

I already responded to this offline. A quick recap.

1. Yes

2. Using the "Configure WMI" button requires the credentials of a domain admin user. If you need a less privileged user, then follow the admin guide and configure the requirements manually.
