This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
When I am setting device admin I created 2 "authentication compound conditions" but then I found out another way to setup, so I am not using them in the policy. now, when I want to clean them up, the ISE doesn't let me to delete them, keep saying "Compound condition could not be deleted."
my policy now is not using any Authentication conditions, but only the default rule. Why I am not able to delete them? I have to change their name to be "xxxxx-can-be-deleted".
Am I missing any or ISE won't allow me to del them once they had been created?
You are trying to delete them from Policy > Policy Elements > Conditions ?
The only reason ISE should stop you from deleting the conditions is if they are in use in some rule.
Try going to Policy > Policy Elements > Conditions > Authentication > Compound Conditions
Are you able to see the conditions here too? Try deleting them from here.