Two node ISE deployment. Two Svr2008R2 AD servers. No firewalls in place. I've set up passive id, downloaded the agents to the AD servers. One machine appears to work ok based upon logs and reports. Other machine is giving an Agent Error with description "Make sure agent is up and running". I've restarted the process. Looking at the respective Agent debug log: Metserver2, 10.1.1.203 is the one having the issue
2017-06-29 03:20:37,254 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:20:44,118 DEBUG - Domain Controller 10.1.1.203, Event Recieved , handeling event...
2017-06-29 03:20:44,118 DEBUG - Domain Controller 10.1.1.203, Dropping machine authentication ISE242$
2017-06-29 03:20:44,118 DEBUG - Domain Controller 10.1.1.203, Waiting for event...
2017-06-29 03:20:47,270 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:20:57,285 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:07,300 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:14,133 DEBUG - Domain Controller 10.1.1.203, Waiting for event...
2017-06-29 03:21:17,315 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:27,330 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:37,221 DEBUG - Rest Client, Sending dc status to https://ise240.metlab.local:9095
2017-06-29 03:21:37,346 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:44,147 DEBUG - Domain Controller 10.1.1.203, Waiting for event...
2017-06-29 03:21:47,361 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:21:57,376 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:22:07,391 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:22:14,162 DEBUG - Domain Controller 10.1.1.203, Waiting for event...
2017-06-29 03:22:17,407 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:22:27,422 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
2017-06-29 03:22:37,312 DEBUG - Rest Client, Sending dc status to https://ise240.metlab.local:9095
2017-06-29 03:22:37,437 DEBUG - RestClient, Requesting configuration from https://ise240.metlab.local:9095
Looking at the ISE passiveid-Agent log
| 2017-06-29 03:11:15,954 ERROR [Timer-1][] com.cisco.idc.agent-probe- Make sure | agent is up and ru |
| nning.. Identity Mapping.probe = Agent , Identity Mapping.dc-host = metserver2.m | etlab.local , Iden |
tity Mapping.server = ise242 ,
| 2017-06-29 03:11:15,954 ERROR [Timer-1][] com.cisco.idc.agent-probe- Agent mets | erver1.metlab.loca |
l did not set DCs status during the last 5 minutes - marking it down.
| 2017-06-29 03:11:15,954 ERROR [Timer-1][] com.cisco.idc.agent-probe- Make sure | agent is up and ru |
| nning.. Identity Mapping.probe = Agent , Identity Mapping.dc-host = metserver1.m | etlab.local , Iden |
tity Mapping.server = ise242 ,
| 2017-06-29 03:12:15,953 ERROR [Timer-1][] com.cisco.idc.agent-probe- Agent mets | erver2.metlab.loca |
l did not set DCs status during the last 5 minutes - marking it down.
| 2017-06-29 03:12:15,954 ERROR [Timer-1][] com.cisco.idc.agent-probe- Make sure | agent is up and ru |
| nning.. Identity Mapping.probe = Agent , Identity Mapping.dc-host = metserver2.m | etlab.local , Iden |
tity Mapping.server = ise242 ,
| 2017-06-29 03:12:15,954 ERROR [Timer-1][] com.cisco.idc.agent-probe- Agent mets | erver1.metlab.loca |
l did not set DCs status during the last 5 minutes - marking it down.
| 2017-06-29 03:12:15,955 ERROR [Timer-1][] com.cisco.idc.agent-probe- Make sure | agent is up and ru |
