US Region

Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
Phone: +1 302 691 94 10

EMEA Region

ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43

Connecting Cisco ISE 3.0 node to Active Directory

Design & Configure

Connecting Cisco ISE 3.0 node to Active Directory

Technology: Network Security
Area: Access and Identity Management
Vendor: Cisco
Software: ISE 3.0
Platform: ISE Virtual Appliance, ISE Physical Appliance 


Cisco ISE 3.0 AD integration  

  • ISE node must be added to domain as a host (computer) 
  • ISE node needs privileges to read LDAP / AD directory (needed for authentication) 
  • Need to have a user with privileges to add machines to the domain. There are specific cases when the ISE node is added to AD Offline. 
  • Warning: adding ISE manually can lead to a situation where user provided for ISE External Identity Sources does not have to process join operation if there is a fail (after upgrade). 


Step 1 – Add Join Point

To add the ISE node to Active Directory, navigate to the External Identity Sources menu, select “Active Directory”, and add a new Join Point.

Cisco ISE Identity Management


Step 2 – Connect Node to Active Directory

Then, confirm that you want to join nodes to Active Directory and fill in the domain information.

Identity Sevice Engine Cybersecurity

Step 3 – Confirm the connection

Finally, to confirm the AD join, look for a green “Operational” checkmark in the administration panel.


In our previous mini-tutorial, you can also check how to Connect ISE 2.1 Node to Active Drectory.

Author: Jaroslaw Banakh