Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
866
Views
0
Helpful
3
Replies

Device Admin Internal Groups are not available

Go to solution
kai.onken
Level 1
Level 1

‎06-24-2018 03:38 AM - edited ‎02-21-2020 10:59 AM

Good Moring,

 

After I added successfully some User Identity Groups by using "Work Centers -> Device Administration", I added some Local Identities to those Groups. The Policy Elements have also been added.

 

When I now try to add "Device Admin Policy Sets" happens this. I add a new Policy Set, added a policy name, added as an condition the locations of the devices and selected "Default Device Admin" and saved the policy set.

After Saving I pressed View button ">", opend Authentication Policy and set the Default value to "Internal Users" and save the Policy Set successfully.

Then I opend the Authorization Policy Tab, defined a rule name, selected my command set and shell profiles. Up to this point everything works fine.

Now my Problem starts: When I press "+" to add a new condition, normally I should be able to select my "User Identity Groups", I created before. But no "User Identity Groups" groups are vailable. But why:

 

ISE Version: 2.3

AD Join: Yes, Windows Server 2012 R2

Licence: Device Administration, Endpoint

 

Many thanks and kind regards

Kai

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-24-2018 07:13 AM

What patch level are you running? There were several bugs in ISE 2.3 (unpatched) that relate to Policy Studio. Most notably for your case I'd suspect:

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf87440 (fixed in Patch 2).

 

In general I recommend 2.4 (currently at patch 1) over 2.3 since 2.4 will be a long term support release.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-24-2018 07:13 AM

What patch level are you running? There were several bugs in ISE 2.3 (unpatched) that relate to Policy Studio. Most notably for your case I'd suspect:

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf87440 (fixed in Patch 2).

 

In general I recommend 2.4 (currently at patch 1) over 2.3 since 2.4 will be a long term support release.

0 Helpful

Go to solution
kai.onken
Level 1
Level 1
In response to Marvin Rhoads

‎07-11-2018 04:56 AM

Thanks, for the tip. This was the solution on one side. The other point I forgot, was that on the left side, when you "build" a compound conditon, you can used previous save conditions and I was wondering, why I can't see here the conditions I've used. I haven't saved them for future use.

 

Thanks and kind regards

Kai

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to kai.onken

‎07-11-2018 08:17 PM

@kai.onken thanks for the feedback and the rating. 

0 Helpful
Customers Also Viewed These Support Documents