02-21-2017 02:43 AM
FYI I had a colleague come across this new bug specific to ISE 2.2:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd01079
It's not listed in the Release Notes open caveats as of the 31 January posting date.
The symptom is the Endpoint Purge setings page tells the end user they are not licensed for configuring the feature. Of couse this is a Base feature and the admin users should certainly be able to configure it.
The workaround is "install Plus license". A bit hard to do when the customer only has Base licenses.
I do hate it when a Bug is marked "fixed" and the work around is not feasible for most customers and there's no released patch addressing it.
</end rant>
Solved! Go to Solution.
02-22-2017 09:15 AM
Thanks for the feedback.
If your customer running into this bug, please open a TAC case as TAC may issue a temporary PLUS license to cover until the patch becomes available.
02-22-2017 09:15 AM
Thanks for the feedback.
If your customer running into this bug, please open a TAC case as TAC may issue a temporary PLUS license to cover until the patch becomes available.
02-22-2017 06:58 PM
Thanks - TAC reports it will be fixed in 2.2 Patch 1. Meanwhile the customer's account SE was able to get them a 90 day Plus license.
Is there any projection on the release date for Patch 1?
02-23-2017 01:07 AM
I apologize, but patch release dates could shift and we do not share it in the public forums.
02-28-2017 09:39 AM
Marvin,
We try not to comment on patch releases dates and contents - it's too hard to manage expectations.
Too often customers treat a given date or anticipated bug list as a contract and get upset if things change.
It's best to work through TAC and the ISE Escalation team for your bug since that is how these fixes are typically prioritized in patches.
07-10-2017 07:37 PM
I have IE 2.2 patch 1 and I am still facing the same issue as explained in this discussion.
The bug ID mentions it's fixed in 2.2(0.901) - how does patch 1 relate to the 0.901 numbering? Is this actually fixed in patch 1?
I only have base license installed.
cheers
07-17-2017 12:21 PM
From the Release Notes for Cisco Identity Services Engine, Release 2.2 - Cisco you will see a section for bug fixes in Patch #1 @ Resolved Issues in Cisco ISE Version 2.2.0.470—Cumulative Patch 1 :
CSCvd01079 Endpoint Purge doesn't work with Base License on ISE 2.2.
Our engineering team's release numbering scheme uses 9xx builds for noting the patch releases.
901 = Patch 1
902 = Patch 2
...
12-07-2017 08:49 AM
Adding to this thread.
I see conflicting information on this behavior and customers reporting it:
- On one side there is the bug referenced above that should be fixed in 2.2P1 but is not fixed.
- On the other side, I see information that PLUS licenses are required to use endpoint purge since this feature is tied to profiling.
Which one is the right answer?
Thanks
12-07-2017 09:42 AM
The bug is resolved in ISE 2.2 Patch 1. Please provide the TAC case number so we may follow up.
12-07-2017 01:59 PM
I will retract my comment on 11 July where I said the Endpoint purge didn't work. It did work. Purging works just fine and you don't need a Plus license.
I wasn't thinking right, and didn't realise that GREATERTHAN 1 actually means 2,3,4, ... so I was expecting the Endpoint to be deleted after 1 day (because my brain confused after with greater than)
Anyway. There are other issues with Endpoint Purge that I won't go into right now. I have a TAC case open that is looking at the Alarms details page relating to Endpoint Purge. That is definitely still broken even in ISE 2.3 patch 1. No bug yet.
I have another TAC case relating to Endpoint, because ISE is unable to run an automated Purge where the Endpoint Identity Group is NULL/Empty. CSCvg46494 - Fix in 2.4 apparently.
12-08-2017 09:27 AM
CSCvg46494 has not been addressed in any ISE release yet but we do expect its fix will go to 2.4 first.
03-11-2018 06:29 PM
Hello
Is CSCvg46494 going to make it into ISE 2.4 ?
thanks
Arne
03-11-2018 06:42 PM
Besides addressed in ISE 2.2 Patch 6, the last ISE 2.4 beta drop should have the fix as well.
03-11-2018 07:52 PM
What about ISE 2.3? I am currently on ISE 2.3 patch 2 and I raised my TAC case when I was on ISE 2.2 at the time. But that does not mean that ISE 2.3 should NOT have this fix.
If a bug is discovered in ISE 2.0, for a feature that has been in existence since 2.0, then (in my opinion) the fix should be integrated into 2.0, 2.1, 2.2, 2.3 and any other 2.x release.
03-11-2018 08:52 PM
If you needing it soon, please ask TAC to request a hot patch for ISE 2.3. Otherwise, we need to wait for patch parity with ISE 2.2 Patch 6.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide