Connecting Cisco ISE node to Active Directory


Technology: Network Security
Area: Access and Identity Management
Vendor: Cisco
Software: 2.1
Platform: ISE Virtual Appliance, ISE Physical Appliance


  • Cisco ISE AD integration
    • The ISE node must be added to the domain as a host (computer).
    • The ISE node needs privileges to read the LDAP / AD directory (needed for authentication).
    • A user with privileges to add machines to the domain is needed; there are specific cases when the ISE node is added to AD offline.
    • Warning: when ISE is added manually, this can lead to a situation where the user provided for ISE External Identity Sources does not have the privileges to process the join operation if there is a failure (after upgrade).


Connecting ISE node to Active Directory


  • AD join process

ISE Deployment and AD


  • AD join is successful

ISE AD join completed


  • Node is operational

ISE AD connection is operational


Check also – Connecting Cisco ISE 3.0 Node to Active Directory

Author: Marcin Bialy