Cisco ISE Administrators
Cisco ISE administrators use the admin portal to:
Manage deployments , help desk operations, network devices and node monitoring and troubleshooting.
Manage Cisco ISE services, policies, administrator accounts, and system configuration and operations.
Change administrator and user passwords.
Administrators can access Cisco ISE through the command-line interface (CLI) or the web-based interface. The username and password that you configure during the Cisco ISE setup is intended only for administrative access to the CLI. This role is considered to be the CLI-admin user, also known as CLI administrator. By default, the username for a CLI-admin user is admin, and the password is defined during setup. There is no default password. This CLI-admin user is known as the default admin user, and this user account cannot be deleted. However, it can be edited by other administrators (this includes options to enable, disable, or change password for this account).
You can create an administrator or you can promote an existing user to an administrator role. Administrators can also be demoted to simple network user status by disabling the corresponding administrative privileges.
Administrators can be considered as users who have local privileges to configure and operate the Cisco ISE system.
Administrators are assigned to one or more admin groups. These admin groups are pre-defined in the system for your convenience, as described in the following section.
Create a New Cisco ISE Administrator
Cisco ISE administrators need accounts with specific roles assigned to it to perform specific administrative tasks. You can create administrator accounts and assign one or more roles to it based on the administrative tasks that an administrator has to perform.
You can use the Admin Users page to view, create, modify, delete, change the status, duplicate, or search for attributes of Cisco ISE administrators.
We recommend that you configure Active Directory access in the CLI before you join it in the GUI, if the admin user's domain is the same in both the CLI and the GUI. Else, you must rejoin the domain from the GUI to avoid authentication failures to that domain.
Choose one of the following:
Enter values for the Administrator fields. Supported characters for the name field are # $ ’ ( ) * + - . / @ _.
Click Submit to create the new administrator in the Cisco ISE internal database.