Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6356
Views
5
Helpful
9
Replies

ISE sponsor portal guest accounts

Go to solution
eddig
Level 1
Level 1

‎07-15-2013 12:40 AM - edited ‎07-04-2021 12:25 AM

I am having an issue with guest accounts that have been created in the sponsor portal, some accounts work fine but others show up in the authentication logs on ISE as error 22056.  This error points to ISE not looking in the right identity store but when you go deeper into the details all auth requests are pointing at the internal users store which is correct.

My main problem is that when I try to look at these accounts from the ISE admin console to see if there is any difference between them they do not show up i.e. no accounts that are created on the sponsor portal are displayed in the internal users database but if you try to create an account with the same user name ISE says that there is already an account with that name.

Is there any where on ISE to display the sponsor guest accounts?

Regards

Craig

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
grabonlee
Level 4
Level 4
In response to eddig

‎07-16-2013 05:13 AM

Hi,

To view guest accounts, you have to go through the sponsor portal. However, could you try the following in the admin account to see if you can view the guest accounts:

1. Go to Administration --> Identity Management ----> Groups

2. Under User Identity Groups, click on Guests. Guests is the default built-in group, unless you created a separate guest group.

3. Check to see if the guest accounts created by the sponsor shows up.

Normally, when a guest account is created by a Sponsor, the account must be assigned to Group role and this Group role is where guest credentials created by the sponsor are stored.

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Shaoqin Li
Level 3
Level 3

‎07-15-2013 08:15 AM

what is your version of ISE?

Are you using the guest accounts to do 802.1x auth?

Sent from Cisco Technical Support iPad App

0 Helpful

Go to solution
eddig
Level 1
Level 1
In response to Shaoqin Li

‎07-15-2013 09:29 AM

Hi,

    we are using version 1.1.3.  We are not using Dot1X just the guest web portal functionality.  A sponsor creates a guest account and then the guest user logs in with it and is just authenitacted gainst the internal ISE database.

thanks

Craig

0 Helpful

Go to solution
eddig
Level 1
Level 1
In response to mmangat

‎07-16-2013 01:22 AM

Hi,

    not too sure if I am missing something but this just tells you how to use the sponsor portal? my query was based around being able to see all user accounts i.e. accounts created in the sponsor portal and from the admin from the admin console in the admin console.

If I web browse to the ISE admin console and the go to administration-Identities I can only see the accounts that I have created through ISE admin, if I try and create an account that I know exists on the sponsor portal ISe complains that the user already exists but you cannot view it.  This seems very odd, why wouldn't an admin be able to see all accounts?

thanks

Craig

0 Helpful

Go to solution
grabonlee
Level 4
Level 4
In response to eddig

‎07-16-2013 05:13 AM

Hi,

To view guest accounts, you have to go through the sponsor portal. However, could you try the following in the admin account to see if you can view the guest accounts:

1. Go to Administration --> Identity Management ----> Groups

2. Under User Identity Groups, click on Guests. Guests is the default built-in group, unless you created a separate guest group.

3. Check to see if the guest accounts created by the sponsor shows up.

Normally, when a guest account is created by a Sponsor, the account must be assigned to Group role and this Group role is where guest credentials created by the sponsor are stored.

0 Helpful

Go to solution
eddig
Level 1
Level 1
In response to grabonlee

‎07-16-2013 05:32 AM

Hi,

    Thank you for the information.  I definitley can't view the guest accounts created by the sponsor portal but if this is how it is supposed to be.........

I sgtill think it is crazy that the admin wouldn't be able to see all accounts that are in the database.

thanks

Craig

0 Helpful

Go to solution
grabonlee
Level 4
Level 4
In response to eddig

‎07-16-2013 05:44 AM

Hi,

I would advise that you contact Cisco TAC for clarification.

Cheers

0 Helpful

Go to solution
sisentner
Level 1
Level 1

‎09-30-2020 06:18 AM

running ISE 1.2.  I know this is an old post but.....if you go to

operations>reports>ISE Reports>Guest Sponsor Summary.  You can choose a timeframe and run the report which will show you the sponsors that created accounts during that time. If you click on the number you can open a new window and see the accounts they created.  Hope this helps.

Go to solution
bipopo
Level 1
Level 1
In response to sisentner

‎05-12-2022 10:04 AM - edited ‎05-12-2022 10:09 AM

Even though this is old, your answer saved my day.. thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card