Solved: ISE AD Integration Fails

NiTech · ‎06-23-2021

We have ISE 2.7 and tried to integrate with AD. Unfortunately following error occurred

Error Description: Request Timed Out

Support Details...
Error Name: LW_ERROR_RPC_LSA_TIMEOUT
Error Code: 60000

Detailed Log:

Checked the following :

Time on ISE and DNS are same

Firewall ports are open and verified

Confirmed the reachability between ISE and Domain controller.

NiTech · ‎06-24-2021

E

Issue has been resolved after the latest patch 4 installation

View solution in original post

Mike.Cifelli · ‎06-23-2021

Have you attempted to verify AD side firewall as well? Capture traffic on AD side from ISE? Try taking a look at the following:

Identity Service Engine (ISE) and Active Directory (AD) Communications; Protocols, Filters and Flow. - Cisco

NiTech · ‎06-23-2021

Thanks for the responds,

Sure we will check the tcp dump,

As per my initial tshoot,we allowed all port on firewall.

NiTech · ‎06-24-2021

E

Issue has been resolved after the latest patch 4 installation

harishbau084 · ‎12-12-2023

We have faced same issue on ISE 3.2 patch 3, and its fixed on patch 4

jitendrac · ‎12-18-2023

We also faced the same issue while joining the PSN node to AD error was " LW_ERROR_RPC_LSA_TIMEOUT error code 60000" on ISE 3.2 patch 3, and after applying patch 4, the issue was resolved.

mcwsupport35297 · ‎12-19-2023

a soft reboot will also fix the issue.