Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1290
Views
5
Helpful
3
Replies

AD-AD1 ISE

Go to solution
sujanyakj
Spotlight
Spotlight

‎05-13-2022 07:10 AM

Do we have any dictionary named AD-AD1 in ISE with the attribute as ExternalGroups.

 

If not, please let me know how to create the custom condition in Cisco ISE release 2.4

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎05-13-2022 07:17 AM

The dictionary is created when you create your AD Join Point and is named the same as your Join Point.  To create your Condition, select the Dictionary with your AD Join Point name and choose the ExternalGroups attribute.

View solution in original post

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP

‎05-13-2022 03:54 PM

Hi @sujanyakj ,

 1st at Administration > Identity Management > External Identity Sources, select Active Directory > select de <AD Name> > select the Groups tab > select Add, to add the AD Group.

 2nd at Work Centers > Network Access > Dictionaries > select the <AD Name> > click Dictionary Attributes, you are able to check the available attributes

 3rd at Policy > Policy Set, you are able to add Conditions with: <AD Name>.ExternalGroups Equals <select the AD Group that you add on 1st.>

 

Hope this helps !!!

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎05-13-2022 07:17 AM

The dictionary is created when you create your AD Join Point and is named the same as your Join Point.  To create your Condition, select the Dictionary with your AD Join Point name and choose the ExternalGroups attribute.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-13-2022 09:32 AM

In addition to the issue at hand, please strongly consider moving to a supported version of ISE. 2.4 is long past end of sales and even past end of software maintenance now.

https://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/bulletin-c25-743964.html

Go to solution
Marcelo Morais
VIP
VIP

‎05-13-2022 03:54 PM

Hi @sujanyakj ,

 1st at Administration > Identity Management > External Identity Sources, select Active Directory > select de <AD Name> > select the Groups tab > select Add, to add the AD Group.

 2nd at Work Centers > Network Access > Dictionaries > select the <AD Name> > click Dictionary Attributes, you are able to check the available attributes

 3rd at Policy > Policy Set, you are able to add Conditions with: <AD Name>.ExternalGroups Equals <select the AD Group that you add on 1st.>

 

Hope this helps !!!

0 Helpful
Customers Also Viewed These Support Documents