09-06-2012 11:10 PM - edited 03-10-2019 07:30 PM
Hi,
Does the current Cisco ISE supports for authenticating on multiple Active Directories ?
I can only set Cisco ISE to join on single active directory and LDAP
Does anyone have set Cisco ISE to support EAP-FAST with WPAD or PAC provisioning ?
Thanks
Pongsatorn
09-07-2012 12:37 AM
Currently the ise doesn't support multiple domain membership but hat is coming soon.
Sent from Cisco Technical Support iPad App
11-23-2014 11:47 PM
Hi,
We are into a situation where we need to authenticate users of two domains and these two domains are completely independent (no common DNS server). ISE is not able to resolve one of the domain using the DNS server settings and Adding a host entry for the domain name is not sufficient since Kerberos, GC and LDAP SRVs need to be resolvable as well.
From what I know ISE 1.3 should supports disjointed domains and there is no requirement for ISE to have 2 way trust relationship with domains.
Please share your experience if someone has faced similar situation before.
Regards,
Akhtar
11-24-2014 07:13 AM
Ahktar> You will need to have a forwarder set for the second domain on your own DNS server, so ISE knows what DNS server to ask about that domain. ISE 1.3 supports multiple seperate domains, but not DNS servers set per domain.
05-28-2013 03:47 AM
Cisco ISE supports multidomain forests. Cisco ISE connects to a single domain, but can access resources from the other domains in the Active Directory forest if trust relationships are established between the domain to which Cisco ISE is connected and the other domains.
03-28-2014 05:53 AM
Hi all,
It's now 2 years later, is there any change on this or is it still 1 AD?
03-28-2014 07:22 AM
This functionality is expected in cisco ISE 1.3 which is exptected to be released later this summer
03-28-2014 07:35 AM
Currently, ISE 1.2 supports authentications across multiple AD Domains through Domain Trust Relationships.
ISE 1.3, which is tentatively scheduled for release around the end of July, will incorporate Multiple AD Forest support.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton
03-30-2014 02:44 AM
Ok, so if I read this correctly, I can still add only 1 Domain/Forrest but if that domain has a trust towards another domain, I can authenticate users from that domain.
08-04-2014 02:56 AM
Guys,
Is there any configuration documentation for Cisco ISE Authentication for Multiple Active Directoris with trush relationship between domain (not use LDAP because when use LDAP, Cisco ISE don't support MS-Chap & i try not to use Cisco Anyconnect)
BR
11-24-2014 11:19 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide