Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
764
Views
0
Helpful
1
Replies

Cisco ISE rule on two active directory domain with trust relationship

ratnapurnama
Level 1
Level 1

‎10-23-2013 12:34 AM - edited ‎03-10-2019 09:01 PM

Dear all,

If a company has two domains (example abc.com and xyz.com) with trust relationship between these AD, can we setup authorization rules on Cisco ISE for example group IT in abc.com get access to server A and group IT in xyz.com get access to server B? Is this possible? I'm trying this in my lab but it still doesn't work. I connect to abc.com in the AD configuration on ISE and from there I am able to query xyz.com user group. But if I use the xyz.com group in authorization rule, it keeps getting bypassed by ISE. but running normally with abc.com. Please help.

Regards,

Ratna

Labels:
0 Helpful
1 Reply 1

aqjaved
Level 3
Level 3

‎10-23-2013 06:12 AM

Please Check the below guide which will be help for you:

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_auth_pol.html#wp1053958

0 Helpful
Customers Also Viewed These Support Documents