I am running an eval of ISE 2.4 (patch 6). I used the migration tool to pull in all information from ACS 5.8. ISE is new to me, so I'm just trying to figure it out.
The issue I am having right now is with the enable password. It was a simple process in ACS; under user authentication setting, you just made sure the "TACACS Enable Password" option was not checked.
I don't see anything similar in ISE. The only way I got this to work was to go into each user account and configure the enable password. I am hoping there is a better way of doing this, as I have many users that require enable mode. They all belong to the same "User Identity Group"
My goal would be to for the Login Password to also work as the Enable Password (as it did in ACS). Another option might be for our TACACS network devices to not even prompt for a password when a user enters enable mode (not sure if this is possible).