Cisco ISE and MS AD Domain User Authentciation

uni1389 · ‎03-21-2025

Hello Guys,

Being new to cisco ISE am trying to authenticate windows PC using DOT1X with following test cases:-

01. By using local PC Windows11 login credentials and ISE Internal users am able to authenticate. Everything is okay

01. By using local PC Windows11 login credentials and ISE MS AD User am able to authenticate. Everything is okay

03. but am not able to authenticate user after login to PC with Windows domain users . How can i do it . Is there any reference to implement this test case.

Regards

Uni

marce1000 · ‎03-21-2025

- For 03 : Check the ISE live logs when trying
Have a look at https://www.mixednetworks.com/cisco-ise/cisco-ise-join-active-directory/

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

uni1389 · ‎03-21-2025

Thanks this part has been done , but still not able to authenticate domain users.

Scott Fella · ‎03-21-2025

Take a look at your policies and the live logs to see what policy its hitting. That way you can at least determine if you are hitting the right policy or not. That will give you information in which you might need to modify an existing rule or possibly re-order your policy.
You can also test the user account with a password or just doing a lookup to verify that ISE can query the username correctly. I don't know where you are at with your testing.

-Scott
*** Please rate helpful posts ***

marce1000 · ‎03-21-2025

- @uni1389 Not sure what part you are talking about ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '