Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1673
Views
0
Helpful
4
Replies

Changing local admin password on Cisco ISE in distributed deployment

Go to solution
denizyaran
Level 1
Level 1

‎10-28-2014 08:23 AM - edited ‎03-10-2019 10:09 PM

Hi guys,

 

I manage four Cisco ISEs in a distributed environment.

First ISE is the Admin, second ISE is Monitoring, third and fourth are the PSNs.

We use local authentication. We want to change the password for the admin username.

Will this by any chance break the connection between the ISEs or will the new password pushed to all of them?

There is no option to change the passwords on the PSN as the administration tab is not available.

I know when I create a new user, it is pushed to all ISEs.

 

Thank you.

 

Serge.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎10-30-2014 07:30 AM

Serge,

Good question.  Once I read this question, I had to know, so I tried this in my lab.

I changed the admin password and upon successfully changing it, I had to log in to ISE again using the new password.  I then noticed on my dashboard that the communication to my secondary admin node and my PSN was green.  YAY.  I went to the Deployments page and could access the configurations for the nodes.

Having confidence, I logged in to the Secondary Node using the NEW PASSWORD.  So yes, not only does communication NOT break, the new password is pushed down to all nodes.

 

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee

‎10-30-2014 07:30 AM

Serge,

Good question.  Once I read this question, I had to know, so I tried this in my lab.

I changed the admin password and upon successfully changing it, I had to log in to ISE again using the new password.  I then noticed on my dashboard that the communication to my secondary admin node and my PSN was green.  YAY.  I went to the Deployments page and could access the configurations for the nodes.

Having confidence, I logged in to the Secondary Node using the NEW PASSWORD.  So yes, not only does communication NOT break, the new password is pushed down to all nodes.

 

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

0 Helpful

Go to solution
denizyaran
Level 1
Level 1
In response to Charlie Moreton

‎10-30-2014 08:51 AM

Awesome! Thanks very much for your help Charles!

 

Serge.

0 Helpful

Go to solution
Charlie Moreton
Cisco Employee
Cisco Employee
In response to denizyaran

‎10-30-2014 09:07 AM

Happy to help!

 

Charles Moreton

0 Helpful

Go to solution
jedavis
Level 4
Level 4
In response to Charlie Moreton

‎01-19-2015 02:30 PM

I have a setup similar to Serge's and what Charles says is true. but I would like to offer an addendum.  The CLI passwords must be changed on each node individually.  If these expire you need to boot from an ISO image to reset them.

-Jeff

0 Helpful
Top