Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
794
Views
0
Helpful
0
Replies

ISE 2.2.0.470 - Unable to Search via Name Filter in Active Directory

InfosysNCDSB
Level 1
Level 1

‎07-03-2018 12:27 PM - edited ‎02-21-2020 11:00 AM

Good Day,

 

Current Setup:

ISE Version 2.2.0.470
Distributed Node Environment (2)

Active Directory Connection to 2 Domains

 

Currently attempting to add "Groups" under "Identity Management -> External Identity Sources" for Domain #1. When adding via "Select Groups from Directory" I am unable to adjust the name filter to anything other than "*"

 

At this time my Domain#1 has over 500+ groups and ISE is only able to retrieve 500 groups... I can also add groups via Canonical Group name+ Group SID but I have not been able to easily pull Group SID from AD, I will investigate the second option further if it is determined that Name Filter is broken.

 

Seems similar to Cisco Bug:"CSCvc62279" although this bug is labeled as fixed... Also worth noting that if I attempt to use the workaround "=" I get an error prompt "The characters '=', '<' or '>' are not permitted in the search filter"

 

Let me know if you have any questions and I will get back to you as quickly as possible,

Thank you!

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents