Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
821
Views
0
Helpful
4
Replies

ISE self-registration and user/password generating

n.poongsawad
Level 1
Level 1

‎10-09-2014 01:30 AM - edited ‎03-10-2019 10:05 PM

Hi Experts,

 

I'm about to implement ISE for university campus which holding concurrent ~3000 users.

 

With wireless lic. we designed to broadcast only one ssid through out campus. Using AD database to location student, staff, doctor etc. into thier dedicated vlan.

 

Is this possible to do as following setup?

 

Once user (device & user account) come into system for first time, connect to SSID. System redirects to self-registration portal. User need to fill in his/her credential which holding in exisiting AD databased. Along with his Cell phone number & e-mail address. The system regcognizes the MAC of their device.

 

After that, user get their NEW generated credential through SMS and/or e-mail (just like ISE sponsorship portal). Then user now be able to onboard his/her device through EAP-TLS or PEAP etc.

 

Aim of forcing user to fill and get their new credential through SMS & e-mail is, we need to gather and track down to their active contact point. Which is university's policy. 

 

Please let me some suggestion. The solution might be a conbination of Staff dot1x onboarding and Guset self registration. Any opinion is welcome. 

 

Nipat CCIE#29422

 

 

Labels:
0 Helpful
4 Replies 4

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎10-09-2014 09:45 AM

credentials created via self registration portal sent via SMS feature is going to be available in 1.3

 

 

0 Helpful

n.poongsawad
Level 1
Level 1
In response to Venkatesh Attuluri

‎10-09-2014 08:18 PM

Thank Vattullu,

 

I found that we can provide self register by sponsor portal which SMS and email the new credential to user.

 

Is that possible to allow user to login (Active Directory) to register themself on one sponsor portal SSID THEN put new credential onboard for another EAP-TLS SSID?

 

Another question may raise, could we limit number of accout that one sponsor can create their guest?

 

And when a account was created, where identity source for EAP-TLS SSID to point? Internal identity source?

 

Nipat CCIE#29422

 

0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee
In response to n.poongsawad

‎10-24-2014 01:32 AM

In ISE 1.2 we dont have any option to limit number for guest accounts a sponsor can create

0 Helpful

Saurav Lodh
Level 7
Level 7

‎10-09-2014 06:32 PM

This feature is in roadmap

0 Helpful
Customers Also Viewed These Support Documents