cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2028
Views
0
Helpful
6
Replies

ISE 3.1.0.518 CLI users can't use GUI

jstrowe-admin
Level 1
Level 1

It's been a while and I have a number of local admin accounts that work just fine via putty and cli but don't work in the gui.  How do I set up a GUI account from the CLI.  Thankfully I CAN get into the cli as admin.

Is there any way at the cli to get a list of all users (not just logged in ones)

I'm finding a lot of KB articles on setting up cli users but can't find the:

1. can I make the same cli user work in the gui (it doesn't at this point)

OR

2. How to I just set up a gui admin.

1 Accepted Solution

Accepted Solutions

You don't, CLI and GUI users are completely separate within ISE.  

You can run application reset-passwd ise admin to reset the ISE GUI admin account.

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200568-ISE-Password-Recovery-Mechanisms.html#anc10

View solution in original post

6 Replies 6

You don't, CLI and GUI users are completely separate within ISE.  

You can run application reset-passwd ise admin to reset the ISE GUI admin account.

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200568-ISE-Password-Recovery-Mechanisms.html#anc10

Hmm, thank you "but".

I wanted to create new gui users then.  I don't want to reset the admin account at least yet since that requires a reboot and it's Friday afternoon and that will make users very cranky.

So how do I create gui users at a command line. If it was in the doc my apologies I just don't see it.  Also if the admin user is locked OUT can I reset it. I did note I DO have admin access at the cli just not as "admin".

I know about "you can run application reset-passwd ise admin to reset the ISE GUI admin account." but I'm obviously hoping I can create a gui user at the CLI. (maybe I'll call them gui-username just to keep them straight)

 

You don't.  You can only create GUI users from the GUI.  

jstrowe-admin
Level 1
Level 1

LOL, well that's rather inconvenient.  Well at least as you point out I can reset the admin account.  If it was locked out will that resolve it?  Famous last words "not a bug it's a feature"

I'm now at a total loss.  I literally changed the password confirmed it 2x (usual) logged in on another putty session and it says access denied.

So frustrated.  I literally had left window putty, changed pw and then in 2nd putty window tried it and it didn't work.

 

jstrowe-admin
Level 1
Level 1

Learning something new. Thank you for helping the newbie.  On this stuff I'm new and based on all my other duties I've learned the same way as everything else... a lot of stress some assistance (from you) for context and then it all works.

Odd system, I can't say I Like it but LOL that's how it is.

Thank again.