08-07-2013 12:36 PM - edited 03-10-2019 08:44 PM
Dear Support Team
We are in the progress of Migrating ACS4.2 to ISE3355 running 1.1.4. We have SSL VPN Users & Wireless Users to be migrated.
ISE 1.1.4 is already integrated with AD Windows 2008 and can see all the groups defined on AD.
1: in ACS 4.x & even 5.x, we have option to add a user locally (users belonging to domain) , and we can configure user’s password to be derived from Windows Database. It helps to control AAA Policies.
It also helps to avoid configuring "users" in specific groups on AD and as a result no dependency on System Team to configure users in specific groups, which can be used in policy making on ISE.
However while doing the same, I could not find an option in ISE 1.1.4. Password cannot be derived from windows database. Password has to be set manually, that clearly means that i have to arrange the users in specific group on AD.
Is it a platform specific issue or am I missing something ?
Thanks in advance for your valuable time to look into this issue.
Ahad....
08-08-2013 01:04 AM
It seems that i have to open a TAC case to get cisco official explanation on this feature, it was a nice feature, which has been unnecessarily deprecated.
Any Inputs from anyone, who has similiar requirement, Please share it here.
Regards
Ahad
08-14-2013 12:10 PM
ISE: Using Internal Identity User can gain access to Admin Dashboard
This fix addresses the issue where internal users gain access to the Cisco ISE Admin portal Home page when they are not mapped to any Cisco ISE administrator group.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: