AD authentication for Admin users are not working after ISE upgrade from 1.4 to 2.2

rohitbhanu009 · ‎04-24-2017

Hi,

We have upgraded our ISE deployment from 1.4 version to 2.2. After successful upgrade Admin (management users) not able to login into ISE GUI mode. Local user ID and password is working in both CLE and GUI.

Please help me to know where i can see these setting and how i can fix it.?

Thanks

Rohit

M. Wisely · ‎04-24-2017

Have you checked to see if your ISE nodes are joined to the domain? It has happened in the past that after an upgrade the nodes need re-joined to AD.

Go to Administration -> External Identity Services and click on the domain you're setup to connect to.

Edit: Just checked the 2.2 upgrade guide and find the following:

Join all Cisco ISE nodes with Active Directory again, if you use Active Directory as your external identity source and the connection to Active Directory is lost. After rejoining, perform the external identity source call flows to ensure the connection

https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/upgrade_guide/b_ise_upgrade_guide_22/b_ise_upgrade_guide_22_chapter_0100.html