01-24-2019 01:37 AM - edited 03-11-2019 01:54 AM
Hello,
Is it possible to create a read-only admin group in ISE 2.2 which provide read_only access to all the menus including policy set menus?
Regards,
Maryam
Solved! Go to Solution.
01-24-2019 02:17 AM
ISE 2.3 onwards you can create read-only users . you can create menu access permissions .
Please refer the guide here- https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0101.html
Thanks,
Nidhi
01-24-2019 03:53 AM
01-24-2019 01:58 AM - edited 01-24-2019 01:59 AM
you can create a basic access and give it to the user.
go to Administration--->Admin Access--->Administrators----->Admin Users
here is a good link might found you intersting
https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124
01-24-2019 02:14 AM
Hi Sheraz,
Thank you for the response.
To my understanding the customisation for the admin groups is limited to "none" or "read and write" to the data.
In my case I want the admins to be able to see everything, including the policy sets, but they should not be able to change anything.
However, with creating a customised admin group I will be able to either give permission to access to a menu and some data, or not to give permission.
If I give permission to access a menu, the admins will be able to read and "change" the data for example the policies.
Is there a way to limit the admins not to change the policies?
The version of ISE I am working with is 2.2 patch 12.
Regards,
Maryam
01-24-2019 02:33 AM - edited 01-24-2019 02:35 AM
the link i share earlier is the similar what was discussed and what Nidi share it to you with more specific to cisco ise release notes. if you read it it explain the same process.
just curious why you make it as answered but not mine.
this is the link i shared earlier
https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124
01-24-2019 03:53 AM
01-24-2019 02:17 AM
ISE 2.3 onwards you can create read-only users . you can create menu access permissions .
Please refer the guide here- https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0101.html
Thanks,
Nidhi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide