Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4477
Views
0
Helpful
1
Replies

Alarm Name : Active Directory forest is unavailable

Capricorn
Level 1
Level 1

‎07-01-2020 03:04 AM

Hello All!

 

I am running version 2.4.0.357 patch 8. 

 

I saw the following critical alert and after that I saw that few Radius error as below.

Alarm Name :

Details :

Active-Directory forest is unavailable  Forest=Domain Name, ISE01

Description :

Active Directory forest GC (Global Catalog) is unavailable, and cannot be used for authentication, authorization and group and attribute retrieval.

 

Severity :

Critical

 

Suggested Actions :

Check DNS configuration, Kerberos configuration, error conditions, and network connectivity.

 

*** This message is generated by Cisco Identity Services Engine (ISE) ***

 

Event5405 RADIUS Request dropped
Failure Reason24708 User not found in Active Directory. Some authentication domains were not available

 

The user were able to connect after few mins.

I can see that connection to AD is healthy.

 

Anyone seen this kind of issue and possible fix?

 

Thanks

0 Helpful
1 Reply 1

Damien Miller
VIP Alumni
VIP Alumni

‎07-01-2020 08:54 AM

This is usually caused by three things not specific to ISE, DNS issues, network communication issues, and last but not least, an issue with AD itself.

If it started working again on its own, then It's likely one of those three.
0 Helpful
Customers Also Viewed These Support Documents