cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1086
Views
1
Helpful
1
Replies

ISE AD passive ID

wileong
Cisco Employee
Cisco Employee

Hi,

We are positioning ISE Base for AD passive ID. Part of ISE passive ID on AD require some changes in AD. Upon checking on the documentation, the following is the requirement

My customer is not comfortable with changing AD setting and registry. Understand that there is a ISE agent auto configuration, does the ISE automation perform the same as above?

If my customer is not comfortable with the above steps, what option do we have? SPAN?

Thanks

Wing Churn

1 Accepted Solution

Accepted Solutions

Timothy Abbott
Cisco Employee
Cisco Employee

Hi,

The "Config WMI" button automates the required steps to remotely monitor AD logon events.  The agent is less intrusive because it is a native windows application.  The agent can be install on the controller itself or on a member server that will then monitor the DC.  If either approach is unacceptable, the customer can either use kerberos SPAN or syslog.

Regards,

-Tim

View solution in original post

1 Reply 1

Timothy Abbott
Cisco Employee
Cisco Employee

Hi,

The "Config WMI" button automates the required steps to remotely monitor AD logon events.  The agent is less intrusive because it is a native windows application.  The agent can be install on the controller itself or on a member server that will then monitor the DC.  If either approach is unacceptable, the customer can either use kerberos SPAN or syslog.

Regards,

-Tim