Showing results for 
Search instead for 
Did you mean: 


Prasan Venky
Level 3
Level 3

Hello All,

In ISE we tried adding active directory but it failed (ISE & AD Integration). Still there was another option in ISE like LDAP and we added the identity stores.

Now with the below security feature,a client can get authentication through LDAP.

L2 Security-WPA2


Auth method-PEAP(EAP-MSCHAP V2)

When i tried connecting i am getting error like "Current Identity store does not support this type" in the ISE.

LDAP in ISE has to replaced with the active directory...?

Any quick help will be appreciated

3 Replies 3

Level 1
Level 1


Here is a link that you may find handy. Just go to the LDAP section:

Hello Mr. Mangat,

Thanks for your effort I got how to configure it on ISE from your link. But my expectation is to know the difference between LDAP and AD in ISE. Bcoz when i configure LDAP it was not working for my clients with the PEAP security but later i configured AD with the ISE and now its working fine.


IMO Cisco ISE does very poor integration with LDAP while it supports Active Directory very well. This is a big shortage on ISE as in our environment LDAP is more widely used than our Active Directory.


Basically, you can not use EAP kind authentication on supplicant while your ISE uses LDAP as external identity store. Cisco officially says it only support EAP-GTC and PAP with LDAP. EAP-TLS has nothing to do with LDAP at authentication stage as the supplicant and ISE itself need to trust each other.


We also spent a lot of time on central administrator authentication with LDAP with ISE local authorisation as we do not have the group attributes in our LDAP ISE wants for the administrators, and it turns out that ISE simply does not support it.

-- Best Regards
Review Cisco Networking for a $25 gift card