cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

152
Views
5
Helpful
5
Replies

"Disclose invalid usernames" not working in ISE 2.4 patch 9

CSCvh91118 implies (but doesn't explicitly state) that from ISE 2.4 patch 6, you can permanently enable the Disclose invalid usernames option. The pop-up help has also removed references about this option being limited to 30 minutes.

 

This option is not working however; RADIUS Live Logs still mask the invalid username, even when testing within ~5 minutes of enabling it. Unlike the previous behavior, the checkbox stays ticked after 30 minutes so that doesn't appear to be the problem.

 

Can anyone running ISE 2.4 patch7+ confirm whether the option works for them please?

 

CSCvo24097 doesn't appear to be at play as it appears CSCvo24097 is what drove the enhancement request that CSCvh91118 discusses.

5 REPLIES 5
VIP Advocate

Re: "Disclose invalid usernames" not working in ISE 2.4 patch 9

I have two deployments right now that have this enabled.  One is on 2.4 patch 9 and another on 2.4 patch 10.  Both work correctly assuming I am looking at new authentications, it doesn't unmask old ones.  

Re: "Disclose invalid usernames" not working in ISE 2.4 patch 9

I assume you're using the AD connector?

 

It might be different with the LDAP connector I suspect.

Cisco Employee

Re: "Disclose invalid usernames" not working in ISE 2.4 patch 9

If you are still having issues with this option, please contact the TAC to troubleshoot further.

 

-Regards,

Tim

Re: "Disclose invalid usernames" not working in ISE 2.4 patch 9

Thanks - can you confirm this is a known bug (with the LDAP connector at least)?

Re: "Disclose invalid usernames" not working in ISE 2.4 patch 9

Does anyone have this working with the LDAP connector?