Solved: Re: AD integratoin issue SRV record error

ymadheka · ‎11-26-2017

Hi Team,

We are in the middle of an ISE deployment where facing errors while integrating ISE with the domain controller. The scenario is that there are two separate entities of the same group with multiple AD domains but are using same WLC controller. One of the domain is not getting integrated with main configuring two-way trust, although this scenario is supported by ISE.

Below reference links for AD prerequisite:

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.cisco.com_c_en_us_td_docs_security_ise_1-2D3_ISE-2DADIntegrationDoc_b-5FISE-2DADIntegration.html-23reference-5FEA017E71F25145C9A1374373ABFA102E&d=DwMFAg&c=jf_iaSHvJObTbx-siA1ZOg&r=C1VsiT-BuwHK8...

https://urldefense.proofpoint.com/v2/url?u=https-3A__blogs.msdn.microsoft.com_servergeeks_2014_07_12_dns-2Drecords-2Dthat-2Dare-2Drequired-2Dfor-2Dproper-2Dfunctionality-2Dof-2Dactive-2Ddirectory_&d=DwMFAg&c=jf_iaSHvJObTbx-siA1ZOg&r=C1VsiT-BuwHK8ArV2...

Kindly advise.

ognyan.totev · ‎11-27-2017

Ok i see it is from ISE side but what u see in domain site .Are you have FQDN for ISE you needed for sure .

Open some CMD from domain computer and try ping ISE Hostname see what happend . I am almost sure you dont have valid DNS records.

View solution in original post

ognyan.totev · ‎11-27-2017

Ok i see it is from ISE side but what u see in domain site .Are you have FQDN for ISE you needed for sure .

Open some CMD from domain computer and try ping ISE Hostname see what happend . I am almost sure you dont have valid DNS records.

kthiruve · ‎11-27-2017

Also make sure the sites are properly configured and ISE FQDN has forward as well as reverse lookup configured.

-Krishnan