cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2787
Views
0
Helpful
4
Replies
Highlighted
Beginner

ISE - LDAP Error - 22056 Subject not found in the applicable identity store(s)

Dear All,

 

I am getting following error, when trying to authenticate switch via LDAP. I have attached the authentication policy.

 

22056 Subject not found in the applicable identity store(s)

 

 

Please suggest.

 

Thank You,

4 REPLIES 4
Highlighted
Rising star

Sounds like the username is not located where you have set the ise ldap config to look for subjects

Highlighted

Thank you Jan.

 

It exists in AD. Captured logs on AD shows, when AD is responding for LDAP query, it is giving as success 0 saying user not found, dont know why.

 

Thank You,

Abhisar.

Highlighted

Maybe you are looking in the wrong OU for those users, LDAP is alot more tricky when it comes to finding users. I usually download the softerra ldap browser and connect to the ldap server, so i can check that the user is where i expect it to be in the ldap tree.

Highlighted

Hello,

Did you try with the username followed with fqdn?

In other words, if you domain is aqme.com and the username is user, please try with user@aqme.com.

I had the same problem while authenticating Sponsor user against a LDAP and it did the trick.

Hope this helps.