cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

7062
Views
5
Helpful
18
Replies
Highlighted
Beginner

Problem to get Web admin access on cisco ISE

Hi,

We are currently having problems to access via Web admin UI to cisco ISE. after we put the password, we get this message on screen:

authentication failed due to zero RBAC group.

The ISE version that we are using is: 1.1.2.145 path 3

Do you have any idea about that?

Thank you for your attention on this matter.

Regards.

Everyone's tags (3)
18 REPLIES 18
Cisco Employee

Problem to get Web admin access on cisco ISE

Hugo,

Serveral known issues exist that result in this message. Can I suggest to open a TAC case?

Or go to 1.1.3 patch 1 and re-test.

M.

Beginner

Problem to get Web admin access on cisco ISE

You can't log into the CLI, it doesn't accept the password. What else can resolve this?

Cisco Employee

Problem to get Web admin access on cisco ISE

Looking at the screen shot it seems that you've not configured ISE to use external account from Active Directory. In most of the cases either we need to run the script to fix it temporarily or we need to reimage. I agree with Marcin that this issue calls for TAC case. However, before that if you wish

1.] You can upgrade to ISE 1.1.3 latest patch.

2.] Try to eset the internal admin account to gain GUI access if you have CLI access.

Run 'application reset-passwd ise admin' >> Follow the prompts

Jatin Katyal
- Do rate helpful posts -

~Jatin Katyal
Beginner

Problem to get Web admin access on cisco ISE

Can I upgrade from 1.1.2 version to 1.1.3 version or 1.1.4 version without lose my actual configuration.?

Beginner

Problem to get Web admin access on cisco ISE

Can I upgrade from 1.1.2 version to 1.1.3 version or 1.1.4 version without lose my actual configuration.?

Cisco Employee

Problem to get Web admin access on cisco ISE

Yes, you can. However, it's a good practise to take backup before you upgrade to next version.

Jatin Katyal
- Do rate helpful posts -

~Jatin Katyal
Beginner

Problem to get Web admin access on cisco ISE

Hi Jatin,

Unfortunately I can't do the upgrade, when I try to upgrade from 1.1.2 to 1.1.3 I get this error:

% ERROR: This node is part of an ISE deployment. Please make it a standalone first, then retry upgrade.

error: %post(CSCOcpm-upgrade-1.1.3-124.i386) scriptlet failed, exit status 1

% Application upgrade failed. Please check logs for more details or contact Cisco Technical Assistance Center for support.

I think to install 1.1.4. may solve many issues.

Problem to get Web admin access on cisco ISE

it's look like you have more than 1 ise that act as primary/secondary, so you must make it standalone before you upgrade it...

Beginner

Problem to get Web admin access on cisco ISE

How long does this issue last?

Beginner

Problem to get Web admin access on cisco ISE

I'm with the same problem and ISE is already at 1.1.3.124 version

Someone knows the solution?

Regards,

Claudio

Rising star

Problem to get Web admin access on cisco ISE

In Cisco ISE, RBAC policies are simple access  control policies that use RBAC concepts to manage admin access. These  RBAC policies are formulated to grant permissions to a set of  administrators that belong to one or more admin group(s) that restrict  or enable access to perform various administrative functions using the  user interface menus and admin group data elements. I think there is problem with your RBAC policy configuration. Please follow the below link for help.

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1282656

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1283009

Participant

Problem to get Web admin access on cisco ISE

Hello,

I went through your query and found the following link which might help you :-

http://www.cisco.com/en/US/docs/security/ise/1.0.4/user_guide/ise10_man_identities.pdf

Beginner

Problem to get Web admin access on cisco ISE

Hello guys,

Thanks for helping but, I can't access the web interface, how could I change the RBAC configurations?

Regards,

Claudio

Rising star

Problem to get Web admin access on cisco ISE

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_identities.html#wp1282656

click on the above link and go to Configuring RBAC Permissions .