cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
3088
Views
0
Helpful
2
Replies

Cisco ISE integration with AD

beejrteek
Level 1
Level 1

Hi All!

I have a problem between Cisco ISE and Active Directory. After adding AD to Cisco ISE I have a Failed Status in Active Directory Diagnostic Tool, rest of test is working good.

Test result: 


DNS A record high level API query  
ad
 
   
DNS A record low level API query  
ad
 
 
 
DNS SRV record query  
ad
 
   
DNS SRV record size  
ad
 

 

I've checked SRV and A record via nslookup:

 

XXXXXXXXISE-w/admin# nslookup AD.AD querytype A
Trying "AD.AD"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30023
;; flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;AD.AD. IN A

;; ANSWER SECTION:
AD.AD. 247 IN A 10.1.1.1
AD.AD. 247 IN A 10.1.1.2
AD.AD. 247 IN A 10.1.1.3
AD.AD. 247 IN A 10.1.1.4
AD.AD. 247 IN A 101.1.5
AD.AD. 247 IN A 10.1.1.6
AD.AD. 247 IN A 10.1.1.7
AD.AD. 247 IN A 10.1.1.8
AD.AD. 247 IN A 10.1.1.9
AD.AD. 247 IN A 10.1.1.10
AD.AD. 247 IN A 10.1.1.11
AD.AD. 247 IN A 10.1.1.12
AD.AD. 247 IN A 10.1.1.13
AD.AD. 247 IN A 10.1.1.14
AD.AD. 247 IN A 10.1.1.15

Received 264 bytes from 10.2.2.2#53 in 10 ms
XXXXXXISE-w/admin# nslookup AD.AD querytype srv
Trying "AD.AD"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42484
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;AD.AD. IN SRV

;; AUTHORITY SECTION:
AD.AD. 3587 IN SOA XXXXXXX.AD.AD. hostmaster. 2664884 900 600 86400 3600

Received 83 bytes from 10.2.2.2#53 in 8 ms

 

Please be aware that 10.2.2.2 is DNS server for Cisco ISE - this IP address is fake address (I must replace original IP based on security)

All IP address in this discussion is fake

 

 

How can I resolve this problem ?

1 Accepted Solution

Accepted Solutions

hslai
Cisco Employee
Cisco Employee
2 Replies 2

thomas
Cisco Employee
Cisco Employee

Sounds like a DNS issue.

Suggest you call TAC for troubleshooting.

 

hslai
Cisco Employee
Cisco Employee

See CSCuz96643

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: