Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
701
Views
1
Helpful
4
Replies

ISE EXTERNAL IDENTITY SOURCE

Ben Bee
Level 1
Level 1

ā€Ž08-17-2023 01:28 AM

Hello Community

I am working 802.1x authentication using ISE. On the external identity sources I have been able to add/retrieve the domain computers group from AD but I do not see the retrieved group when trying to add it in the authorization policy condition. I only see groups  that my current user account is a member of in AD. what could be reason for this.

thanks 

0 Helpful
4 Replies 4

ahollifield
VIP
VIP

ā€Ž08-17-2023 03:54 AM

I've seen this before where the AD groups take some time to show up in the conditions studio.  Log out / login back in to ISE.  Also try a different browser.  What version of ISE is this?

0 Helpful

Ben Bee
Level 1
Level 1
In response to ahollifield

ā€Ž08-17-2023 04:26 AM

 

Its been days now. I am able see users groups but unable to see computer groups retrieved from AD

It's version 3.1

0 Helpful

andrewswanson
Level 7
Level 7
In response to Ben Bee

ā€Ž08-17-2023 06:38 AM

Can ISE retrieve groups for a given machine account using the "Test User" feature?

The is available on the "Connection" tab of the Active Directory External Identity Source:

andrewswanson_0-1692279460208.png

 

Set Authentication Type to Lookup and enter machine name in Username box.
hth
Andy

thomas
Cisco Employee
Cisco Employee

ā€Ž08-17-2023 10:47 AM

Make sure you click Save after selecting the groups. The should be available immediately.

0 Helpful
Customers Also Viewed These Support Documents