Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
378
Views
0
Helpful
4
Replies

Cisco ISE password reset

jimmy100
Level 1
Level 1

‎11-15-2023 02:59 AM

I am wanting to reset the ISE GUI admin password via the ISO. We have 2 ISE in HA failover (Pri/Sec)

My question is, can I power off the Secondary & change the GUI admin password there whilst the Primary is still running. Or do I have to power them both off?

NOTE: I am also UNABLE to log on to the CLI admin account.

0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎11-15-2023 03:06 AM

there is small downtime required for the ISE to go offline to reset password. - suggest to do the password change on Primary.

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200568-ISE-Password-Recovery-Mechanisms.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Rob Ingram
VIP
VIP

‎11-15-2023 03:16 AM

@jimmy100 you can power off the secondary ISE node without experiencing an outage for authenticating sessions assuming the Primary node is also configured as a PSN and the network devices (switches, WLC etc) are configured to use both ISE nodes for AAA.

0 Helpful

jimmy100
Level 1
Level 1
In response to Rob Ingram

‎11-23-2023 02:15 AM

Hi Rob,

Will the secondary appliance then propagate the new password over to the primary when it is booted back up?

0 Helpful

Greg Gibbs
Cisco Employee
Cisco Employee
In response to jimmy100

‎11-23-2023 01:39 PM

No. Neither the CLI nor the GUI admin passwords are synchronized across nodes in a cluster. They need to be managed on each individual node.

0 Helpful
Customers Also Viewed These Support Documents