Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
615
Views
0
Helpful
2
Replies

ISE Local Time

Mady
Level 4
Level 4

‎09-01-2017 09:27 PM - edited ‎02-21-2020 10:33 AM

Hi,

 

I would like to seek your help with our ISE time settings. We have 2-node deployment we upgraded it  toversion 2.1. After we upgraded the ISE we encountered issue with NTP. Both primary and secondary nodes are not in synch with NTP. 

 

Both primary and secondary nodes have same local time however, we encounter issue with the secondary, it keeps on disjoining to Active Directory. We need to manually adjust the time to atleast 1 minute advance on current time of primary ISE for it to successfully joined on AD.

 

Can you help me understand why does the secondary ISE always disjoin with our AD even they have same time (local time) with primary ISE. We don't encounter the clock skew error with our primary ISE.

And what are the possible reasons why ISE local time change?

 

Thank you for your help! :)

 

Regards,

Mady

 

Labels:
0 Helpful
2 Replies 2

Mohammed al Baqari
Level 11
Level 11

‎09-04-2017 06:04 AM

Hi,

 

Cisco best practice is to have AD and ISE syncing with same time server as this is known issue. Is your secondary ISE consistently synched with ISE

0 Helpful

Mady
Level 4
Level 4
In response to Mohammed al Baqari

‎09-26-2017 08:14 PM

yes, secondary ISE is synched. I opened a TAC case and the engr accessed the root to  modify the ntp config but it is just a workaround. I'm still waiting for the resolution from dev team.

0 Helpful
Customers Also Viewed These Support Documents