Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

268
Views
0
Helpful
1
Replies
mmisonne
Explorer
Explorer
‎09-07-2021 08:24 AM
‎09-07-2021 08:24 AM

ISE 2.7 : Sponsor groupe with AD user can see all guest accounts.

Hello,
I created a new sponsor groupe with user member from AD.
and with the right to manage "only account sponsor has created"

The pb is they can see and manage all guest account.

I noticed that I have this pb only with AD user , not Internal users.
I noticed also, that if I remove all member from AD in the list, they still can login...!
However, they are not specify in any other sponsor group.

It is like the AD-User are automatically members of group "ALL_ACCOUNTS", even if thy are not configured in it.
I user ISE v2.7 patch2.

 

Michel Misonne

0 Helpful
1 REPLY 1
howon
Cisco Employee
Cisco Employee
‎09-07-2021 02:21 PM
‎09-07-2021 02:21 PM

Do you have a match policy for ALL_ACCOUNTS groups configured for 'Other conditions (optional)'? If not, then you shouldn't be matching the ALL_ACCOUNTS group and suggest creating a TAC SR for troubleshooting.

0 Helpful
Latest Contents
What's New in Network Security - October 2021
Created by aprata on 10-20-2021 02:07 PM
1
0
1
0
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM. Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita... view more
(Podcast) S8|E42 API Visibility with APIClarity
Created by Amilee San Juan on 10-20-2021 01:00 PM
0
0
0
0
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks. Tune i... view more
Cisco Secure Terraform Series - Network Range, ICMP, and FQD...
Created by petepere on 10-20-2021 11:14 AM
0
0
0
0
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe... view more
Configuring IPsec IKEv2 Remote Access VPN with Cisco Secure ...
Created by Marvin Rhoads on 10-13-2021 03:54 AM
0
25
0
25
  Whitepaper - Configuring IPsec IKEv2 Remote Access VPN with Cisco Secure Firewall Marvin Rhoads 10-13-2021         Abstract / Introduction............................ 1 Problem Statement............................ view more
Cisco Survey: Seeking active Cisco Secure Firewall users
Created by aprata on 10-11-2021 02:12 PM
0
0
0
0
Hi everyone,    The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Event
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad

ISE Webinars

Did you miss a previous ISE webinar?

CiscoISE YouTube Channel