US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10

EMEA Region

ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43


Grandmetric LTD
Office 584b
182-184 High Street North
E6 2JA
+44 20 3321 5276

  • en
  • pl
  • Connecting Cisco ISE 3.0 node to Active Directory

    Design & Configure

    Connecting Cisco ISE 3.0 node to Active Directory

    Technology: Network Security
    Area: Access and Identity Management
    Vendor: Cisco
    Software: ISE 3.0
    Platform: ISE Virtual Appliance, ISE Physical Appliance 


    Cisco ISE 3.0 AD integration  

    • ISE node must be added to domain as a host (computer) 
    • ISE node needs privileges to read LDAP / AD directory (needed for authentication) 
    • Need to have a user with privileges to add machines to the domain. There are specific cases when the ISE node is added to AD Offline. 
    • Warning: adding ISE manually can lead to a situation where user provided for ISE External Identity Sources does not have to process join operation if there is a fail (after upgrade). 


    Step 1 – Add Join Point

    To add the ISE node to Active Directory, navigate to the External Identity Sources menu, select “Active Directory”, and add a new Join Point.

    Cisco ISE Identity Management


    Step 2 – Connect Node to Active Directory

    Then, confirm that you want to join nodes to Active Directory and fill in the domain information.

    Identity Sevice Engine Cybersecurity

    Step 3 – Confirm the connection

    Finally, to confirm the AD join, look for a green “Operational” checkmark in the administration panel.


    In our previous mini-tutorial, you can also check how to Connect ISE 2.1 Node to Active Drectory.

    Author: Jaroslaw Banakh