01-30-2021 11:15 AM - edited 01-30-2021 11:22 AM
Hi,
I’m trying to integrate Cisco ISE and AD.
I’ve successfully joined ISE with AD and the status is operational.
The problem is when I tried to retrieve group from AD, only group that are part of Buildin OU and Users OU are shown in the lists.
We’ve created new OU, Group and User in AD but it is not in the ISE group retrieval list. And also when I test user authentication in ISE using the users from newly created groups , it kept failing.
We are deploying two AD in the same domain and we can’t find out if the issue is at AD side or ISE side.
Any idea for AD side to work or ISE to retrieve all groups??
Thank you so much!
Solved! Go to Solution.
01-19-2023 08:35 AM
The issue was solved using administrator privilege user account created on AD.
01-30-2021 06:35 PM
12-29-2022 11:30 PM
Hello,
how did you resolve this? I have similar issue cannot find anything under the new OU. Thanks
01-19-2023 08:35 AM
The issue was solved using administrator privilege user account created on AD.
01-19-2023 09:49 AM
Just want to share how I fixed my issue. I tried to reboot the PAN node didnt help. I dont have technical explanation for this, but the OU and AD groups under that OU were probably not created correctly. I had to recreate them in the AD and ISE started to see it. Luckily it was new OU
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide