I have a user on my team [my manager actually] who can't login to our ISE admin node. He's using an active directory account that should allow him to login to the web GUI and look at logs etc. Other members of our team can login fine. I see his account when I go to Administration>Admin Access>Admin Users. His account is there, enabled and everything looks great. I can't seem to find a log that shows why his account is being denied, he essentially gets a generic "username and password aren't correct" message. He can use this same account with other devices and he get's in ok so it appears the account is ok otherwise.
We are running ISE version 2.2.0.470 patch 13. I tried googling the solution but I am largely getting articles that talk about how to setup admin access not really how to troubleshoot when it's not working. Can someone point me in the right direction to see a log file that shows why his account is being denied?