Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1558
Views
0
Helpful
2
Replies

Failed AD integration with cisco ISE 2.6

akash.tiwari
Level 1
Level 1

‎02-25-2020 09:21 PM

Hi 

 

I am using ise 2.6 in my network i am integrating the AD server with ise not getting error network connectivity failed, although I am able to ping from each other. please let me know there is any misconfiguration or other reason to occur this problem. I am attaching a screenshot of that error. Screenshot_222.png

0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-26-2020 04:06 AM

Check for SRV records in DNS for your domain controller. You can do that as follows:

nslookup
Set type=all
_ldap._tcp.dc._msdcs.mydomain.com

(Substitute your valid domain name in place of "mydomain.com".)

0 Helpful

Cristian Matei
VIP Alumni
VIP Alumni

‎02-26-2020 06:30 AM

Hi,

    

    Based on the provided output, make sure that the DNS server that ISE uses points towards one of your Windows DNS Servers which are member of the domain you're trying to join. If it still does not work, look here in order to enable advanced debugs and provide more relevant output:

 

  https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/ise_active_directory_integration/b_ISE_AD_integration_2x.html#reference_5A63D203661E4E7CA353CDDC4F057CD8

 

    Basically, except the above statement, make sure ISE and your DC have time in sync (via NTP or manually), you have IP connectivity between ISE and DC.

 

Regards,

Cristian Matei.

0 Helpful
Customers Also Viewed These Support Documents