Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1954
Views
10
Helpful
4
Replies

Is it possible to input user info from excel or manually in ISE

Go to solution
interfacedy
Spotlight
Spotlight

ā€Ž08-29-2021 09:10 AM

Hi ISE ver 2.7, Is it possible to input user info from Excel or manually? Thanks 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to interfacedy

ā€Ž08-29-2021 03:51 PM

ISE does not import anything from Active Directory. When joined to AD, ISE creates machine accounts in AD for each ISE node joined and uses those machine accounts to query the directory for attributes like Security Group membership. You can use those group memberships as matching conditions in your authorization policies.

See the ISE Secure Wired Access Prescriptive Deployment Guide for examples on adding AD groups and creating policies.

More details on the AD integration can also be found here - Active Directory Integration with Cisco ISE 2.x 

View solution in original post

4 Replies 4

Go to solution
interfacedy
Spotlight
Spotlight
In response to Rob Ingram

ā€Ž08-29-2021 03:06 PM - edited ā€Ž08-29-2021 03:18 PM

Hi Rob, thank you very much for your reply. Yes, the document can tell it.

The reason why i posted the question is I want to check where the AD database is located at the ISE after importing windows AD database into ISE via join point. After i created user account manually in ISE, i can see it in the ISE, but why I cannot see all user account info which was imported from windows AD? I think i already imported AD database into ISE successfully, but cannot see it.

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to interfacedy

ā€Ž08-29-2021 03:51 PM

ISE does not import anything from Active Directory. When joined to AD, ISE creates machine accounts in AD for each ISE node joined and uses those machine accounts to query the directory for attributes like Security Group membership. You can use those group memberships as matching conditions in your authorization policies.

See the ISE Secure Wired Access Prescriptive Deployment Guide for examples on adding AD groups and creating policies.

More details on the AD integration can also be found here - Active Directory Integration with Cisco ISE 2.x 

Go to solution
interfacedy
Spotlight
Spotlight
In response to Greg Gibbs

ā€Ž08-29-2021 05:45 PM - edited ā€Ž08-29-2021 05:45 PM

Thank you Greg! Its a very good document talking about the relation among these terms clearly. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents