Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
1
Replies

ISE 2.4 LDAP policy breaks after AD group name change.

Josh Jones
Level 1
Level 1

‎08-28-2018 08:05 PM

Recently an Active Directory administrator has renamed a Security Group, say RADIUS_L15 to  RADIUS_LEVEL15 in a windows world this is not a problem as the SID is referenced and the group name updated automatically. However this did not happen and our Policy looking for RADIUS_L15 failed. Has anyone experienced this issue. External identity lookup using LDAP to a Win 2008 R2 functional level AD.

0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎08-29-2018 09:56 PM

ISE is currently unable to update the name of an AD group automatically. However, the group search should be based on the SID.

If you have a TAC case, please ask TAC to log a bug. Otherwise, please message me your company name and email as a reference for me to file one.

0 Helpful
Customers Also Viewed These Support Documents