09-26-2022 03:34 AM
ISE PIC Agent does not return any user/IP to ISE, keeps getting this error in CiscoISEPICAgent file:
022-09-26 01:10:29,053 ERROR - Rest Client, Error sending mapping {user=dummyMapping, ip=192.168.12.32} to https://S-CISCOISE02.domain.local:9095 : String was not recognized as a valid DateTime.
anyone got a hint?
Regards
Thomas
Solved! Go to Solution.
10-01-2022 03:13 PM
Call TAC to troubleshoot since you did not offer any details, logs, etc.
See How to Ask The Community for Help for more details to provide next time.
09-26-2022 03:56 AM - edited 09-26-2022 10:25 PM
@tkiel wrote:ISE PIC Agent does not return any user/IP to ISE, keeps getting this error in CiscoISEPICAgent file:
022-09-26 01:10:29,053 ERROR - Rest Client, Error sending mapping {user=dummyMapping, ip=192.168.12.32} to https://S-CISCOISE02.domain.local:9095 : String was not recognized as a valid DateTime.United Airlines Flying Together
anyone got a hint?
Regards
Thomas
Thankful for the little by little useful exercise. Has conclusively the ordinary impact.
10-01-2022 03:13 PM
Call TAC to troubleshoot since you did not offer any details, logs, etc.
See How to Ask The Community for Help for more details to provide next time.
10-02-2022 11:35 AM
Hi Thomas
Which logs would you expect?
On the Domain Controller, the line is repeated constantly within the file: CiscoISEPICAgent.
Regards
Thomas
11-24-2022 08:36 AM
Hello Thomas,
do you have a solution for the problem. We have the same error on a ISE-PIC.
Regards
Michael
11-24-2022 11:25 PM
Hi Michael
Unfortunately not yet, it is on my todo list
The documentation for troubleshooting ISE-PIC is very limited and this issue is not the connection to domain controller but more likely permissions on the domain controller.
Best luck
Thomas
01-26-2023 01:23 PM
Hello Thomas,
I have the same issue here, and it's giving me this log on every user authentication, any updates so far?
Even TAC seems to be having an issue figuring this one out, at least on the case i opened.
03-15-2023 09:25 AM - edited 03-15-2023 09:47 AM
Hello AugustoS.Nunes,
Did you get any news from TAC ?
I currently facing the same issue.
CiscoISEPICAgent.log
2023-03-15 16:07:03,782 DEBUG - Continuing forward event : , Verified it is not a machine account... with username batman
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT ***** Reading Event *******
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT TimeGenerated in DC UTC = 03/15/2023 16:07:02
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT user = batman
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT domain = DCOMICS
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT ip = 192.168.10.212
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT latency = 1,0109357 seconds
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT agentTimeUTC , 03/15/2023 16:07:03
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT Received Time:15/03/2023 16:07:02, Latency:1,0109357, Computer:ad01.dcomics.lan, User:batman, Domain:DCOMICS, IP:192.168.10.212
2023-03-15 16:07:03,782 DEBUG - Rest Client, Sending mapping to https://isepic.dcomics.lan:9095: user=batman, ip=192.168.10.212
2023-03-15 16:07:03,829 ERROR - Rest Client, Error sending mapping {user=batman, ip=192.168.10.212} to https://isepic.dcomics.lan:9095 : String was not recognized as a valid DateTime.
passiveid-agent.log
2023-03-15 16:07:03,787 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- REST request arrived from client with hostname: ad01.dcomics.lan, ip: 192.168.10.211
2023-03-15 16:07:03,787 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Looking for Agent in configuration, with ip 192.168.10.211 or hostname ad01.dcomics.lan.
2023-03-15 16:07:03,788 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Current Agent hostname/ip in config: ad01.dcomics.lan
2023-03-15 16:07:03,792 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Received login event. Identity Mapping.probe = Agent , dc-host = /192.168.10.211 , Identity Mapping.server = isepic , event-operation-type = ADD ,
2023-03-15 16:07:03,792 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Validating incoming loging event...
2023-03-15 16:07:03,792 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- AgentTime 1678896423 DCTime 1678896422 ISETime 1678896423
2023-03-15 16:07:03,792 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Building login event to be published to session directory.
2023-03-15 16:07:03,792 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- retrieving user's additional informaion from Active Directory.
2023-03-15 16:07:03,833 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- recording login event into local log.
2023-03-15 16:07:03,836 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Forwarded login event to session directory. Identity Mapping.id-src-first-port = -1 , Identity Mapping.dc-domainname = dcomics.lan , Identity Mapping.id-src-port-start = -1 , Identity Mapping.probe = Agent , Identity Mapping.id-src-port-end = -1 , Identity Mapping.event-user-name = batman , Identity Mapping.dc-host = /192.168.10.211 , Identity Mapping.agentId = , Identity Mapping.server = isepic , Identity Mapping.event-ip-address = 192.168.10.212 ,
2023-03-15 16:07:03,836 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Publishing identity mapping event. Identity Mapping.id-src-first-port = -1 , Identity Mapping.dc-domainname = dcomics.lan , Identity Mapping.id-src-port-start = -1 , Identity Mapping.probe = Agent , Identity Mapping.id-src-port-end = -1 , Identity Mapping.event-user-name = batman , Identity Mapping.dc-host = /192.168.10.211 , Identity Mapping.agentId = , Identity Mapping.server = isepic , event-operation-type = ADD , Identity Mapping.event-ip-address = 192.168.10.212 ,
2023-03-15 16:07:03,836 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Details 192.168.10.212
2023-03-15 16:07:03,836 DEBUG [Grizzly-worker(3)][[]] com.cisco.idc.agent-probe- Going to publish login event...
On ISE-PIC, live Sessions stays empty...
Thank you !
[Edit]Added passiveid-agent.log from ISE-PIC
03-15-2023 10:24 AM
Hello Stephane,
I am on my personal account right now, but yes!
The issue seems to be with the Endpoint Check on ISE-PIC and FMC 7.2 which started dealing with "Unreachable" endpoints sent by ISE, basically ISE check's if the endpoint is active with this feature enabled (by default) through WMI and if isn't able to get a response comes back as "Unreachable" and starting on FMC 7.2, it "discards" this users and don't add them to the Active Sessions database.
The only two ways to resolve this seams to be from disabling the Endpoint Check on ISE-PIC (Providers>Endpoint Check) or let ISE-PIC connect through WMI on the workstations. We disabled the endpoint check and everything in fine now!
Also in regards to this log on the ISE Agent, a patch has to by applied to fix this since seems to be a bug, haven't try it yet but it's on our roadmap to do!
2023-03-15 16:07:03,829 ERROR - Rest Client, Error sending mapping {user=batman, ip=192.168.10.212} to https://isepic.dcomics.lan:9095 : String was not recognized as a valid DateTime.
CSCwd45843 > https://software.cisco.com/download/home/283801620/type/283802505/release/HP-CSCwd45843
Confirmed by TAC that can by applied on ISE-PIC even if it's an ISE download.
08-01-2024 01:00 PM
Hello stephane.merl
I hope you doing well.
Could you tell me how you enable this output logs in CiscoISEPICAgent.log?
2023-03-15 16:07:03,782 DEBUG - Continuing forward event : , Verified it is not a machine account... with username batman
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT ***** Reading Event *******
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT TimeGenerated in DC UTC = 03/15/2023 16:07:02
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT user = batman
2023-03-15 16:07:03,782 DEBUG - Domain Controller 192.168.10.211, EVT domain = DCOMICS
best regards!!
Ronei
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide