03-15-2022 08:47 AM
Hello guys,
I am having problems establishing a WMI connection from ISE-PIC to the ADs. I received the following error.
I've tried to deploy the agent automatically and all seems good, but I am not receiving any session information. I am using a user in the admin group in AD.
Is there any way to troubleshoot this problem?
I've already opened a ticket with TAC, but they are researching it also.
Thanks.
03-02-2023 02:08 AM - edited 03-02-2023 02:10 AM
That error message is expected if the first setup attempt was successful. This is a cosmetic issue (assuming that everything is fine and the permissions of the used AD account are correct). Check: https://bst.cisco.com/bugsearch/bug/CSCvq84524
Now coming to the fact that there are no sessions, I assume that you are checking for passive ID sessions from Work Centers > PassiveID > Overview > Live sessions and filter for WMI generated logs. If that's true, I would confirm multiple points to troubleshoot this:
1. Do you have 4768 & 4770 events on the AD for the users?
2. Enable passiveID debugs on ISE on the node running the passiveID and check the debugs if there are events received from AD.
https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/212594-debugs-to-troubleshoot-on-ise.html
If points #1 and #2 are okay, I would check logging on ISE as it might be a logging issue where such logs are received to the PassiveID node but the MNT is not working fine.
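One way to carry out the check in point #1, as an added example that is not part of the reply above: it is meant to be run in an elevated PowerShell session on the domain controller, confirms the relevant Kerberos audit subcategories are enabled, and summarises recent 4768/4770 events per user and client IP. The one-hour lookback window and the variable names are assumptions.

```powershell
# Added example; run elevated on the domain controller that ISE-PIC monitors.
# Assumption: a one-hour lookback window is enough to catch a test logon.
$since = (Get-Date).AddHours(-1)

# 1. Audit policy: 4768 is produced by "Kerberos Authentication Service",
#    4770 by "Kerberos Service Ticket Operations".
#    (Subcategory names are localized on non-English Windows installs.)
foreach ($sub in 'Kerberos Authentication Service', 'Kerberos Service Ticket Operations') {
    auditpol /get /subcategory:"$sub"
}

# 2. Pull recent 4768 (TGT requested) and 4770 (ticket renewed) events.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4768, 4770
    StartTime = $since
} -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Warning "No 4768/4770 events since $since. Check the audit policy output above."
    return
}

# 3. Extract the user and client IP from each event's XML payload.
$rows = foreach ($e in $events) {
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time     = $e.TimeCreated
        EventId  = $e.Id
        User     = $data['TargetUserName']
        ClientIp = $data['IpAddress'] -replace '^::ffff:', ''   # strip IPv4-mapped prefix
    }
}

# 4. Summarise per user and client IP, skipping machine accounts (names ending in $).
$rows |
    Where-Object { $_.User -notlike '*$' } |
    Group-Object User, ClientIp |
    Sort-Object Count -Descending |
    Select-Object Count, Name,
        @{ n = 'LastSeen'; e = { ($_.Group | Measure-Object Time -Maximum).Maximum } } |
    Format-Table -AutoSize
```

If the table lists user logons but ISE shows no live sessions, the events exist on the AD side and the next step is the passiveID debugs from point #2.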