cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
505
Views
2
Helpful
4
Replies

ISE 2.7 Alarm

Santosh Shetty
Level 1
Level 1

Don't see any issue on ISE system but intermittently getting this Alarm mail.

ISE Alarm : Critical : Identity Store Unavailable

Description :

The ISE Policy Service nodes are unable to reach the configured identity stores

 

4 Replies 4

klnnnnng
Level 1
Level 1

Hi Santosh,

have you checked if the AD connection is up and operational? 

It is under Administration -> External Identity Source ->

Regards,

Yes, AD connection is up and operational, don't see any issue. Only thing is that all nodes are in different location. 

We also sometime see Alarm with following Description :

Replication failed alarm occurs on the secondary node if it fails to consume the replicated message

 

Maybe you can check if the connectivity between both nodes is reliable.

 

We also sometime see Alarm with following Description :

Replication failed alarm occurs on the secondary node if it fails to consume the replicated message

This could be related to CSCvq48396

It could be related to some latency between ISE nodes and the AD. I would try to enable debugs on ISE and look at the "ad_agent.log" file which should give you some details about what's going on. To do so you can go to Operations > Troubleshoot > Debug Wizard > Debug Log Configuration > Select the node > Search for Active Directory and select it > Edit and change the log level to debug. Once that is done, you can go to Operations > Troubleshoot > Download logs to download the logs file. Also, please remember to reset the Active Directory log level back to its default once you finished your troubleshooting.