Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
594
Views
0
Helpful
2
Replies

ISE and Prime Infrastructure integration issue

andrewswanson
Level 7
Level 7

‎05-28-2015 03:45 AM - edited ‎03-10-2019 10:45 PM

Hello

I'm looking at integrating ISE (eval ver 1.4.0.253) and Prime Infrastructure (ver 2.2.0 with latest patches) to get client details pulled into Prime.

Its working well with the exception of displaying usernames of users logged into AD bound PC's. The PC's are using Anyconnect as the supplicant - Anyconnect is configured for TEAP. TEAP is working fine on ISE but the username pulled into Prime always displays just the PC name (e.g. "host/<PC_NAME>") regardless of whether a user is logged into the PC.

When a user is logged into the PC I can select the PC in Prime's Clients and Users and drill down into the Client Attributes and see the username as "<USERNAME>.host/<PC_NAME>" but the main Prime Clients and Users window always displays the username as "host/<PC_NAME>".

Prime is getting the correct username info but not updating the main Clients and Users window. I experienced the same issue when using ISE 1.3

Thanks
Andy

Labels:
0 Helpful
2 Replies 2

jan.nielsen
Level 7
Level 7

‎05-28-2015 07:35 AM

Sounds like a bug/unintended function in Prime, you should probably create a tac case for this.

0 Helpful

andrewswanson
Level 7
Level 7
In response to jan.nielsen

‎05-28-2015 09:13 AM

Thanks for the response.


I just checked Prime and it was now showing the correct username under Clients and Users. With a user logged in it was showing the Client Username correctly as <USERNAME> and when I drilled down into the client attributes it showed the username as <USERNAME>.host/<PC_NAME>

Thinking it was now working, I logged the user out of the PC hoping that Client username AND the Client Attribute username would both be host/<PC_NAME> - it wasn't

When a user logs in or out of a PC, it looks like the Client Username isn't updated immediately (it does eventually) while the Client Attribute username does update immediately - see attached pdf for an example where:

  • User called <USERNAME> was logged into PC host/<PC_NAME>
  • Prime correctly shows Client Username as <USERNAME> and Client attribute username as <USERNAME>.host/<PC_NAME>
  • User logs out of PC
  • Prime incorrectly shows Client Username as <USERNAME> and Client attribute username correctly as host/<PC_NAME>
  • After a period of time Prime correctly shows Client Username as host/<PC_NAME> and Client attribute as .host/<PC_NAME>

I'll contact TAC to see why this happens

Thanks
Andy

 

Preview file
224 KB
0 Helpful
Customers Also Viewed These Support Documents