cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3221
Views
0
Helpful
2
Replies

Cisco ISE - Authentication of Admin Access?

rogg
Level 1
Level 1

In review of the Cisco documentation regarding enabling AD or LDAP authentication for Admin access to the ISE
cisco.com/c/en/us/support/docs/security/identity-services-engine/200891-Understanding-Admin-Access-and-RBAC-Poli.html#anc7 

 

We have both AD and LDAP Authentication working for Remote Access users; however, we would also like AD or LDAP for Admin Access to the ISE. We have both authentication types working and we have granular control of the group that is used and the users defined within the group that we want to provide Admin Access to. Before we enable AD or LDAP our concern is regarding what might happen if the AD or LDAP services become unreachable? Does / will the ISE fail back to local authentication if these services are unreachable? The ISE allow us to defined a primary authentication method but not a secondary method, at least not that we can find. Thanks!

1 Accepted Solution

Accepted Solutions

Milos_Jovanovic
VIP Alumni
VIP Alumni

Hi @rogg,

When you enable AD authentication for Admin access, on initial login page you'll get additional filed, to select to which system you want to login - configured AD or local. Having this said, it is clear that you'll still be able to authenticate with local accounts, in case AD is unavailable.

BR,

Milos

View solution in original post

2 Replies 2

Milos_Jovanovic
VIP Alumni
VIP Alumni

Hi @rogg,

When you enable AD authentication for Admin access, on initial login page you'll get additional filed, to select to which system you want to login - configured AD or local. Having this said, it is clear that you'll still be able to authenticate with local accounts, in case AD is unavailable.

BR,

Milos

Thank you, that was not obvious from the documentation. I just could not bring myself to click submit without the fear of locking myself out. Appreciate the guidiance!

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: