Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
237
Views
0
Helpful
2
Replies

I have a question regarding the deployment of the ISE-PIC agent. Is it

GHOZLANE Haroun
Level 1
Level 1

‎10-29-2025 04:34 AM

Hi Dears,

I have a question regarding the deployment of the ISE-PIC agent.
Is it possible (and supported) to install the ISE-PIC agent on an intermediate Windows Server instead of directly on the Domain Controllers?

If yes, can the communication between the ISE-PIC agent and the Domain Controllers be established using RPC or another protocol?
Or is it strictly recommended to install the ISE-PIC agent only on the Domain Controllers themselves?

Thank you in advance for your clarification.

Regards

0 Helpful
2 Replies 2

Ben Weber
Level 1
Level 1

‎11-17-2025 09:08 PM

Hi @GHOZLANE Haroun 

As per the ISE-PIC administration guide, you are able to install the ISE-PIC agent on a member server (i.e. an intermediate Windows server) instead of the domain controller.

See: Cisco Identity Services Engine Passive Identity Connector Administrator Guide, Release 3.1 - Providers [Cisco ISE Passive Identity Connector] - Cisco for more information.

Good luck!

- BW
Please rate posts if they have been helpful.
0 Helpful

Rob Ingram
VIP
VIP

‎11-17-2025 11:19 PM

@GHOZLANE Haroun FYI, Cisco has announced EOL date for ISE-PIC, you may wish to consider another solution. https://www.cisco.com/c/en/us/products/collateral/security/ise-passive-identity-connector/ise-pic-eol.html#Overview

 

0 Helpful
Customers Also Viewed These Support Documents