Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Changing local admin password on Cisco ISE in distributed deployment

Hi guys,

 

I manage four Cisco ISEs in a distributed environment.

First ISE is the Admin, second ISE is Monitoring, third and fourth are the PSNs.

We use local authentication. We want to change the password for the admin username.

Will this by any chance break the connection between the ISEs or will the new password pushed to all of them?

There is no option to change the passwords on the PSN as the administration tab is not available.

I know when I create a new user, it is pushed to all ISEs.

 

Thank you.

 

Serge.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Serge,Good question.  Once I

Serge,

Good question.  Once I read this question, I had to know, so I tried this in my lab.

I changed the admin password and upon successfully changing it, I had to log in to ISE again using the new password.  I then noticed on my dashboard that the communication to my secondary admin node and my PSN was green.  YAY.  I went to the Deployments page and could access the configurations for the nodes.

Having confidence, I logged in to the Secondary Node using the NEW PASSWORD.  So yes, not only does communication NOT break, the new password is pushed down to all nodes.

 

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

4 REPLIES
Cisco Employee

Serge,Good question.  Once I

Serge,

Good question.  Once I read this question, I had to know, so I tried this in my lab.

I changed the admin password and upon successfully changing it, I had to log in to ISE again using the new password.  I then noticed on my dashboard that the communication to my secondary admin node and my PSN was green.  YAY.  I went to the Deployments page and could access the configurations for the nodes.

Having confidence, I logged in to the Secondary Node using the NEW PASSWORD.  So yes, not only does communication NOT break, the new password is pushed down to all nodes.

 

Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.

Charles Moreton

New Member

Awesome! Thanks very much for

Awesome! Thanks very much for your help Charles!

 

Serge.

Cisco Employee

Happy to help! Charles

Happy to help!

 

Charles Moreton

New Member

I have a setup similar to

I have a setup similar to Serge's and what Charles says is true. but I would like to offer an addendum.  The CLI passwords must be changed on each node individually.  If these expire you need to boot from an ISO image to reset them.

-Jeff

121
Views
0
Helpful
4
Replies