cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1505
Views
10
Helpful
5
Replies

Keepalive between ISE and AD?

mick5kull
Cisco Employee
Cisco Employee

Is there any keepalive mechanism in ISE to check availability of Active Directory?

Does ISE automatically leave from Active Directory domain and re-join during reboot if it is already joined?
CCO says that we need to re-join manually to a domain after application reset or configuration restore.

How about normal reboot?

 

Thanks in advance!

 

1 Accepted Solution

Accepted Solutions

After a reboot for either ISE or AD, it will auto join as ISE will probe
ADs to check their availability. If the AD reachability is fluctuating or
unrecoverable, ISE will blacklist it.

For network blacklist, DC stays in blacklist for 10 seconds
For server blacklist, DC stays in blacklist for 5 seconds

View solution in original post

5 Replies 5

After a reboot for either ISE or AD, it will auto join as ISE will probe
ADs to check their availability. If the AD reachability is fluctuating or
unrecoverable, ISE will blacklist it.

For network blacklist, DC stays in blacklist for 10 seconds
For server blacklist, DC stays in blacklist for 5 seconds

Thanks for your comments.

Could you tell me more details?

How and how often ISE test the availability of AD?

(dummy LDAP query every 1 minutes, etc.)

 

I would recommend you look through Cisco Live content by Chris Murray on the subject.
https://www.ciscolive.com/global/on-demand-library/?search=chris%20murray#/session/14525434149870017MRf
What's new in ISE Active Directory connector - BRKSEC-2132

The content is no longer available...

The last time the session ran was 2016 Berlin, this is one of the downsides of Cisco Live content, they drop the old yet still relevant sessions. In this case, What's new in ISE Active Directory connector - BRKSEC-2132, only has two left. This link will work for about a year and a half.

https://www.ciscolive.com/global/on-demand-library.html?search=BRKSEC-2132#/session/14525434149870017MRf
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: