Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2681
Views
5
Helpful
5
Replies

ISE 3.0 ERROR MESSAGE "ACTIVE_DIRECTORY_DIAGNOSTIC_TOOL_ISSUES_FOUND"

Go to solution
shlomoi
Level 1
Level 1

‎03-30-2022 01:29 PM

Hi friends

recently we upgraded the ISE system from 2.4 to 3.0.  since then we get this error message.

Alarm Name :

Active Directory diagnostic tool found issues

 

Details :

 ACTIVE_DIRECTORY_DIAGNOSTIC_TOOL_ISSUES_FOUND need to complete

Description :

One or more Active Directory diagnostic tests failed during a scheduled run.

 

Has anyone experienced such a glitch.

 

Thanks  SHLOMO ITZAHK 

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎04-05-2022 10:17 AM - edited ‎04-05-2022 10:18 AM

You can see exactly what's generating the error if you drill in to the diagnostic tool.

  1. Navigate here https://<your ise admin ip>/admin/#administration/administration_identitymanagement/administration_identitymanagement_external
  2. Click on your active directory connector highlighted in yellow
    AD-1.png

  3. Click the checkbox next to one of the nodes and then the "Diagnostic Tool" link
    AD-2.png

  4. Once in the Diagnostic Tool you will be able to see the results, run a new test, determine which test is causing the warning. 
    AD-3.png

View solution in original post

5 Replies 5

Go to solution
Arne Bier
VIP
VIP

‎03-31-2022 11:07 PM

I have a vague memory of also seeing this - but the problem is seen intermittently and when you run a manual scan, all is well.

It's similar to the NTP and Smart Licensing health checks - they appear at random times of the month/time and when you test NTP and Smart Licensing, there are no issues.  It's like chasing ghosts.

0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni

‎04-05-2022 10:17 AM - edited ‎04-05-2022 10:18 AM

You can see exactly what's generating the error if you drill in to the diagnostic tool.

  1. Navigate here https://<your ise admin ip>/admin/#administration/administration_identitymanagement/administration_identitymanagement_external
  2. Click on your active directory connector highlighted in yellow
    AD-1.png

  3. Click the checkbox next to one of the nodes and then the "Diagnostic Tool" link
    AD-2.png

  4. Once in the Diagnostic Tool you will be able to see the results, run a new test, determine which test is causing the warning. 
    AD-3.png

Go to solution
shlomoi
Level 1
Level 1
In response to Damien Miller

‎04-07-2022 08:03 AM

Hi Damien Miller ,

Thanks for your help, I performed the test and found that my ISE samples an old server disconnected and unused, how do I stop sampling this server.

Attaches a picture of the sample results

Thank you very much





[cid:image001.png@01D84AA9.AE647FE0]



Shlomo Itzhak


0 Helpful

Go to solution
Charlie Jones
Level 1
Level 1
In response to shlomoi

‎01-30-2023 12:41 PM

Hi, I am running into the same issue after upgrading from 2.4 to 3.0.  I know the problem existed prior to upgrading to 3.0 but we weren't being alerted on the issue.   When you ran the test, did the test provide you with the information related to the old server?  If not, how did you find that data?  I have the same issue with the DNS A/AAAA and DNS SRV record query tests.  I have opened a TAC case and I have reached out to our systems team.  The test details that ISE is providing are very limited on where to look for the problem.

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP
In response to Charlie Jones

‎01-30-2023 05:50 PM - edited ‎01-30-2023 05:50 PM

Hi @Charlie Jones ,

 please take a look at ISE - Slow Replication and search for the topic: Active Directory Diagnostic Tool, special attention to the 3x Bug IDs described.

Hope this helps !!!

0 Helpful
Customers Also Viewed These Support Documents