Thanks @hslai do this mean when I am moving the MnT to the secondary node, the secondary node do not restart its services. Only the primary mode will restart it services.

If the 2nd ISE has no MnT and you add MnT to it, the 2nd ISE will restart its ISE services. If the 2nd ISE is serving other ISE services (esp. session services), please also do it in a MW. Changing ISE MnT roles between primary and 2nd will not restart ISE.

Hi @Anthony O'Reilly  @hslai @Ethan Grinnell 

I have the same scenario as mentioned on lab as we have 2 nodes configure as Deployment nodes,
Currently our PAN is secondary M&T, while secondary node is primary M&T. The objective is to change role PAN to primary M&T for Operational Backup and Configuration Backup.

Once we click change the role Primary M&T on PAN node,  Does it require restarting both nodes or just restarting service?  They will be down time both nodes ?
We need to ensure the operation/authentication no downtime. 

Thank you, 
 

Thank @JPavonM  for sharing your experience 

Hi @JPavonM @hslai @Anthony O'Reilly 

I have a ISE HA pair for PAN and a HA pair for MnT, trouble is they are the wrong way around and I need to swap the PAN and MnT persona roles at the failover 'B' site, as below:- 

Question is service impact and process.

Process: Can I make the swap just in the GUI? Or do I have to de-register each secondary, reset them in console CLI with 'application reset-config ise’ and re-add them for a clean synch with their respective primary nodes?

Impact: When the persona swap is only with secondaries, will the primary reboot at any point?

Primary serve live AAA for campus wireless so if a reboot is on the cards I need to call it out and plan accordingly.

Many Thanks in advance for any advice on the above!

Tom