Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
850
Views
2
Helpful
3
Replies

ISE-PIC 3.2 no user session

Go to solution
vmorris
Level 1
Level 1

‎04-02-2023 07:32 PM

We recently installed and configure ISE-PIC version 3.2. We were able to configure it and add the subscribers and providers. However, we are not seeing any user session. I have search the the internet, but unable to find a solution. I tried with both WMI and the agent, but no dice. We are configured for advanced auditing as others have mentioned, as we have other application using WMI.

We can see the necessary authentication being populated in the event viewer. All DCs are green, however we do see quite a bit of this error on DCs where agent is installed. Agent was pushed from ISE-PIC to respective DCs

2023-04-01 04:40:03,471 ERROR [Grizzly-worker(24)][[]] com.cisco.idc.agent-probe- failed to update status for DC ....... Couldn't find DC

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nancy Saini
Cisco Employee
Cisco Employee
In response to vmorris

‎04-07-2023 10:33 AM

Are you using WMI for ISE-PIC. If yes then it won't work. As per\advisory from the Microsoft side, WMI agent is no longer working for Passive ID : https://learn.microsoft.com/en-us/answers/questions/146551/wmic-stopped-working-on-windows-10-2004

To overcome this issue, use the MS-RPC agent, please refer : https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/216512-configure-evt-based-identity-services-en.html

View solution in original post

3 Replies 3

Go to solution
ahollifield
VIP
VIP

‎04-03-2023 06:07 AM

DNS is good?

0 Helpful

Go to solution
vmorris
Level 1
Level 1

‎04-07-2023 08:38 AM

Yes. DNS is good.

Additionally, I see the following errors in the log

ERROR - Rest Client, Error getting configuration from https:/<IP Address removed>:9095 : The operation has timed out

Configuration , Received empty config
2023-04-04 14:05:54,996 INFO - DCs Manager, Found the following IPv4 addresses for local machine:<IP Address>

 

0 Helpful

Go to solution
Nancy Saini
Cisco Employee
Cisco Employee
In response to vmorris

‎04-07-2023 10:33 AM

Are you using WMI for ISE-PIC. If yes then it won't work. As per\advisory from the Microsoft side, WMI agent is no longer working for Passive ID : https://learn.microsoft.com/en-us/answers/questions/146551/wmic-stopped-working-on-windows-10-2004

To overcome this issue, use the MS-RPC agent, please refer : https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/216512-configure-evt-based-identity-services-en.html

Customers Also Viewed These Support Documents