01-30-2024 10:23 PM
Don't see any issue on ISE system but intermittently getting this Alarm mail.
ISE Alarm : Critical : Identity Store Unavailable
Description :
The ISE Policy Service nodes are unable to reach the configured identity stores
01-30-2024 11:44 PM
Hi Santosh,
have you checked if the AD connection is up and operational?
It is under Administration -> External Identity Source ->
Regards,
01-31-2024 12:00 AM
Yes, AD connection is up and operational, don't see any issue. Only thing is that all nodes are in different location.
We also sometime see Alarm with following Description :
Replication failed alarm occurs on the secondary node if it fails to consume the replicated message
01-31-2024 12:15 AM
Maybe you can check if the connectivity between both nodes is reliable.
We also sometime see Alarm with following Description :
Replication failed alarm occurs on the secondary node if it fails to consume the replicated message
This could be related to CSCvq48396
01-31-2024 02:14 AM
It could be related to some latency between ISE nodes and the AD. I would try to enable debugs on ISE and look at the "ad_agent.log" file which should give you some details about what's going on. To do so you can go to Operations > Troubleshoot > Debug Wizard > Debug Log Configuration > Select the node > Search for Active Directory and select it > Edit and change the log level to debug. Once that is done, you can go to Operations > Troubleshoot > Download logs to download the logs file. Also, please remember to reset the Active Directory log level back to its default once you finished your troubleshooting.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide