Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
600
Views
0
Helpful
2
Replies

Does all the AD attributes gets updated for every authentication?

adarshane_ISE
Level 1
Level 1

‎09-19-2019 01:22 PM

Our desktop team is upgrading W7 to W10 and after upgrading the old W7 to W10 I have observed on ISE 2.4 some of the attributes still reflects the old W7 machine and hence the machine won't get profiled accurately.

Stale attribute example being AD-Fetch-Host-Name, AD-Operating-System, AD-Service Pack, FQDN and other attributes such as User-Fetch-User-Name, host-name gets updated to match W10.

The only workaround I see is to delete an endpoint and have it reauthenticated to see all the updated attributes. 

Any other recommendations?

 

 

0 Helpful
2 Replies 2

packetplumber9
Level 1
Level 1

‎09-19-2019 02:06 PM

How long are you waiting before checking for updated AD attributes?  In the node profiling configuration there is a box to set the number of days before rescan.  I believe the default is 1 day, so it could be a day or so before you would see updated values depending on the timing of when ISE queries AD and when the endpoint was imaged. 

0 Helpful

adarshane_ISE
Level 1
Level 1
In response to packetplumber9

‎09-19-2019 03:04 PM

@packetplumber9  I am waiting for enough time. Also, the machine AD attribute "AD-Last-Fetch-Time" displays todays time. 

 

Thanks!!

0 Helpful
Customers Also Viewed These Support Documents