We have ISE 2.3 up to replace CDA for our WSA solution. PassiveID is working and pulling all user<>IP mappings and seeing the groups. We need to apply our created SGTs solely based on the PassiveID / AD groups from the users and are not having any luck. We've seen some documentation for older ISE versions but cannot recreate it in 2.3 with Policy Sets on.
CDA and ISE Passive ID cannot assign an SGT today without a RADIUS authorization. External solutions can still leverage AD group info sent in log or pxGrid updates.
CDA and ISE Passive ID cannot assign an SGT today without a RADIUS authorization. External solutions can still leverage AD group info sent in log or pxGrid updates.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
