Showing results for 
Search instead for 
Did you mean: 

ISE Not Identifying AD Group Attributes when using Multiple ISE Servers

So we have multiple ISE Servers with differing personas. I was having an issue with our new ISE setup not identifying AD Group Attributes when using them in Authorization rules.

We have 2- 3395 appliances running Admin and Monitoring/Troubleshooting Personas and 2- 3395 appliances running as Policy server personas. We are running  v1.1.1.268 with the latest two patches.

I was unable to pull Active Directory Group Attributes in any of my Authorization rules. After Resyncing all the boxes with the Primary Administration box I was able to do this. There is no bug listings for this occurance nor do we have Smartnet to call support for other reasons. I thought this might be useful to someone who is having the same issue and is unable to figure it out with TAC


3 Replies 3

Tarik Admani


Under the deployment tab were all the nodes in sync? What did you do in order resync just apply the sync up (dont know the exact syntax) to force replication?


Tarik Admani
*Please rate helpful posts*

Absolutely. All units said in-sync after setting their personas.

Here is our layout:

ISE-ADM-01  Admin-Primary, Monitoring-Secondary

ISE-ADM-02  Admin-Secondary, Monitoring-Primary

ISE-PDP-01  Policy Only

ISE-PDP-02  Policy Only

I synced one at a time starting with ADM-02. After completing the other two boxes. Active Directory Attribs were pulled down when using them in the Ext Group within my Authz rules.


I have identified what causes this to happen.

This only happens if your setup has PDP servers not a part of your Admin and Troubleshooting boxes and you change the You must resync the PDP boxes to update the information it must not be updating automatically.

Hope this helps someone else I cannot create a bug id for this.


Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers