Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
3
Helpful
2
Replies

ISE Deployment Question (Multiple AD environments)

Go to solution
scjackso
Cisco Employee
Cisco Employee

‎07-18-2017 09:11 AM

All,

I have a question from a customer.  Currently, they are using ACS with a separate AD environment.  They wanted to know if ISE can be deployed as follows:  TACACS module leveraging AD1 and ISE (Endpoint Access Control and Segmentation) leveraging a separate AD environment (AD2).  Is this possible?

Thank you in advance!!

Scott Jackson

scjackso@cisco.com

1 Accepted Solution

Accepted Solutions

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎07-18-2017 11:21 AM

Hi Scott, I believe AD1 and AD2 are two distinct Active Directory domains? If yes, we can support what you are asking for. The TACACS+ authorization can happen on domain-1 and the endpoint authorizations can happen on domain-2. ISE can connect up to 50 distinct AD domains.

ISE Performance & Scale

Cheers!

-Hari

View solution in original post

2 Replies 2

Go to solution
hariholla
Cisco Employee
Cisco Employee

‎07-18-2017 11:21 AM

Hi Scott, I believe AD1 and AD2 are two distinct Active Directory domains? If yes, we can support what you are asking for. The TACACS+ authorization can happen on domain-1 and the endpoint authorizations can happen on domain-2. ISE can connect up to 50 distinct AD domains.

ISE Performance & Scale

Cheers!

-Hari

Go to solution
scjackso
Cisco Employee
Cisco Employee
In response to hariholla

‎07-19-2017 07:46 AM

Thank you!!!

Customers Also Viewed These Support Documents