09-04-2018 11:41 PM
Hi experts,
Does ISE automatically leave from Active Directory domain and re-join during reboot if it is already joined?
Does ISE periodically communicate with Active Directory DC after it joined to a domain?
I read "Active Directory Integration with Cisco ISE 2.x" below but it only describe behavior on application reset or configuration restore.
'When you reset the Cisco ISE application configuration from the command-line interface or restore configuration after a backup or upgrade, it performs a leave operation, disconnecting the Cisco ISE node from the Active Directory domain, if it is already joined.'
[Background]
My customer says they sometimes see "Not Operational" when checking AD integration status in [Administrator]->[External Identity Source]->AD domain after ISE reboot.
They say there seems no impact to user authentication during "Not Operational", but asking why ISE changes its status.
Solved! Go to Solution.