cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

139
Views
0
Helpful
7
Replies
Highlighted
Beginner

PostgreSQL External Identity store

I followed this guide PostgreSQL -Configure ODBC on ISE 2.1 with PostgreSQL - Cisco  

I have this set up on Ubuntu and I have pgAdmin4 up and running connected the database as well.  What I would like to do is set up groups or tables for mac addresses for devices like printers and other devices so we can store MAC addresses.  has anyone else have this setup or something similar.  this is only for testing purposes what we have planned is eventually have a database that desktop support can add mac address of devices like printers and other devices through a webpage.  We want to keep them out of ISE and not keep sending these requests to be added to the ISE team.

If someone has a more efficient option I would like to hear about it.

Thanks

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: PostgreSQL External Identity store

Yes you can use the API to perform CRUD Operations on endpoints and groups of endpoints

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0100.html#task_59D6282675A843C7AAAA7DF988F63DE8

View solution in original post

7 REPLIES 7
Cisco Employee

Re: PostgreSQL External Identity store

If your devices are relatively small in number (e.g. a couple of hundred items), then it would be good to use one simple table. If fairly sizable, then you should consider consulting with a DB expert for design and database normalization.

Advocate

Re: PostgreSQL External Identity store

You could also leverage ERS API to programmatically add them to ISE by desktop support team without requesting ISE admin to manually add them via ISE Admin UI.

Beginner

Re: PostgreSQL External Identity store

I started to look into this, can I use this to set up a web portal for desktop support to add MAC addresses to certain groups that I create in ISE?

Cisco Employee

Re: PostgreSQL External Identity store

Yes you can use the API to perform CRUD Operations on endpoints and groups of endpoints

https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0100.html#task_59D6282675A843C7AAAA7DF988F63DE8

View solution in original post

Beginner

Re: PostgreSQL External Identity store

Hi Jason, is there a step by step guide for this?  This is a completely new area for me.  I would like to make it as simple as possible for the other users to add MAC address.

Cisco Employee

Re: PostgreSQL External Identity store

No there is not

Hopefully if someone has some notes they would share but no one has written one that I know of on the community

Beginner

Re: PostgreSQL External Identity store

Thanks Jason