Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6703
Views
0
Helpful
5
Replies

ISE 2.2 Read-only access to the ISE GUI

Go to solution
M.G.
Level 1
Level 1

‎01-24-2019 01:37 AM - edited ‎03-11-2019 01:54 AM

Hello,

 

Is it possible to create a read-only admin group in ISE  2.2 which provide read_only access to all the menus including policy set menus?

 

Regards,

Maryam

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎01-24-2019 02:17 AM

ISE 2.3 onwards you can create read-only users . you can create menu access permissions .

Please refer the guide here- https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0101.html

 

Thanks,

Nidhi

View solution in original post

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Sheraz.Salim

‎01-24-2019 03:53 AM

Full read only capability is only available in 2.3 or higher

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Sheraz.Salim
VIP
VIP

‎01-24-2019 01:58 AM - edited ‎01-24-2019 01:59 AM

you can create a basic access and give it to the user.

 

go to Administration--->Admin Access--->Administrators----->Admin Users

 

 

here is a good link might found you intersting

https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124

please do not forget to rate.
0 Helpful

Go to solution
M.G.
Level 1
Level 1
In response to Sheraz.Salim

‎01-24-2019 02:14 AM

Hi Sheraz,

Thank you for the response.

To my understanding the customisation for the admin groups is limited to "none" or "read and write" to the data.

In my case I want the admins to be able to see everything, including the policy sets, but they should not be able to change anything.

However, with creating a customised admin group I will be able to either give permission to access to a menu and some data, or not to give permission.

If I give permission to access a menu, the admins will be able to read and "change" the data for example the policies.

Is there a way to limit the admins not to change the policies?

The version of ISE I am working with is 2.2 patch 12.

 

Regards,

Maryam

 

0 Helpful

Go to solution
Sheraz.Salim
VIP
VIP
In response to M.G.

‎01-24-2019 02:33 AM - edited ‎01-24-2019 02:35 AM

the link i share earlier is the similar what was discussed  and what Nidi share it to you with more specific to cisco ise release notes. if you read it it explain the same process.

just curious why you make it as answered but not mine.

 

this is the link i shared earlier

https://community.cisco.com/t5/policy-and-access/read-only-web-access-to-ise-nodes/td-p/2327124

please do not forget to rate.
0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Sheraz.Salim

‎01-24-2019 03:53 AM

Full read only capability is only available in 2.3 or higher
0 Helpful

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎01-24-2019 02:17 AM

ISE 2.3 onwards you can create read-only users . you can create menu access permissions .

Please refer the guide here- https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/admin_guide/b_ise_admin_guide_23/b_ise_admin_guide_23_chapter_0101.html

 

Thanks,

Nidhi

0 Helpful
Customers Also Viewed These Support Documents