Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISE - Limit access to Mydevices?

Hi all,

We would like to allow only certain users to access the mydevices portal. Ideally we would like only members of a specific active directory group to gain access.

If we set the authentication source to active directory, it allows any AD user in, no good.

I tried using an LDAP connector to AD and setting the Subject Search Base to a certain OU. In testing I found that users who are NOT within this OU are being allowed, I don't understand why.

Question: Can anyone explain why users outside the LDAP OU are being allowed?

Another Question: Can anyone come up with another way to limit access to Mydevices besides using Internal Users? We would rather not use internal users for a number of reasons.

Thanks for any help.

Everyone's tags (2)
6 REPLIES
Cisco Employee

ISE - Limit access to Mydevices?

ISE 1.2 supports that feature. You can limit the devices by ISE itself. Just check the release notes and configuration guide for the same.

New Member

ISE - Limit access to Mydevices?

Ravi,

Thank you for your reply.

I'm not understanding.  We want to limit the users accessing the portal. Not sure how "you can limit the deivces by ISE itself" relates.

Also, I looked for a configuration guide describing how to set up mydevices as I'm describing and couldn't find anything. Can you help me out with a URL?

Thank you.

New Member

ISE - Limit access to Mydevices?

Hi Leroy,

To allow an employee to log into the My Devices  portal, you must specify an identity store sequence. This sequence is  used with the login credentials of an employee to authenticate and  authorize the employee for access to the My Devices portal. Cisco ISE  includes a default identity store sequence for employees:  MyDevices_Portal_Sequence.

New Member

Hi Leroy

Hi Leroy

Did you ever find a solution to this issue?

We have kind of the same scenario where we wish for specific groups to be able to add devices using the portal.

And another group to another devicegroup. I too have been playing with the ldap method but still unable to get it working.

Cheers

Jimmi

New Member

Nope, we gave up and used a

Nope, we gave up and used a workaround. Too bad, would have been nice.

New Member

Re: Nope, we gave up and used a

Hi,

Can you please share your workaround. I'm facing the same challenge. 

598
Views
0
Helpful
6
Replies
CreatePlease login to create content