cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1388
Views
5
Helpful
7
Replies

ISE node becomes unjoined from AD

dodgerfan78
Level 1
Level 1

A couple times over the last week, one of my ISE nodes has become unjoined from AD. Does anyone know what could cause this? Running 2.4.0357.

 

Thanks.

2 Accepted Solutions

Accepted Solutions

Nadav
Level 7
Level 7

I've seen servers which are down appear under External ID sources as Not Jointed, until they were brought back up.

 

Any chance the servers which were "disjoined" were down or inaccessible during that time?

View solution in original post

I would also check with the AD team to see if the machine account was deleted, moved, or disabled.  I have had this happen in the past.  

View solution in original post

7 Replies 7

Timothy Abbott
Cisco Employee
Cisco Employee

Hi,

 

Please work with the TAC to troubleshoot why this is occuring.

 

Regards,

-Tim

Nadav
Level 7
Level 7

I've seen servers which are down appear under External ID sources as Not Jointed, until they were brought back up.

 

Any chance the servers which were "disjoined" were down or inaccessible during that time?

This is possible, except it happened last night when the PSN was not rebooted or brought down. I can double check though to see if something did happen to it.

I would also check with the AD team to see if the machine account was deleted, moved, or disabled.  I have had this happen in the past.  

Any news?

It does seem to happen when I have started services on the ise node. I haven't noticed it outside of that again.

Yeah, sometimes the alarms don't quite match up with WHY it's happening. 

NMS systems usually have something called root-cause-analysis to only bring up an alarm for the exact reason something happened and not other things which derived from that event. Hopefully ISE will do so in the future.