Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
1
Replies

Admin Autentication and Authorization from Two AD Forests

Go to solution
kkaminsk
Cisco Employee
Cisco Employee

‎05-25-2016 12:34 PM

Folks,

I have a customer POC I am doing and they have admins across two separate AD forests.  I cannot reference an AD Join Point when referencing an External Identity source for admin users - I can only select either one or the other AD Forests.

On the RBAC controls I only see groups from that one AD Forest also.

I am running ISE 2.0.1.

How can I use admin authentication and authorization with users in both AD Forests?  Is this supported?

Regards.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎05-25-2016 01:24 PM

What you observed is expected. ISE external admin with AD is only supported with one single joint point. The only way to allow AD users from another forest is to establish two-way trusts.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎05-25-2016 01:24 PM

What you observed is expected. ISE external admin with AD is only supported with one single joint point. The only way to allow AD users from another forest is to establish two-way trusts.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents