Add Endpoint to Identity Group
Workflow #0029
Response Workflow
This workflow adds a static identity group assignment to a MAC address in Cisco Identity Services Engine (ISE). For example, if you’re using identity groups to determine which authorization profile to apply, you can use this response workflow to alter an endpoint’s permissions. Supported observable: mac_address
Change Log
Date | Notes |
---|---|
May 26, 2021 | - Initial release |
Sep 10, 2021 | - Updated to use the new system atomics |
Sep 1, 2022 | - Minor updates to naming and descriptions |
Nov 4, 2022 | - Fixed the Update Identity Group activity (Issue #214) |
See the Important Notes page for more information about updating workflows
Requirements
- The following system atomics are used by this workflow:
- ISE - ERS - Endpoint - Create Endpoint
- ISE - ERS - Endpoint - Search
- ISE - ERS - Endpoint - Update Identity Group
- ISE - ERS - Endpoint Identity Group - Get by Name
- The following atomic actions must be imported before you can import this workflow:
- None
- The targets and account keys listed at the bottom of the page
- Cisco Identity Services Engine (ISE)
Workflow Steps
- Make sure the observable type provided is supported
- Make sure the identity group exists and get its ID
- Search for the endpoint by MAC address
- Check if the endpoint exists:
- If it does, update its group assignment
- If it doesn’t, create it and add it to the identity group
Configuration
- Set the
Identity Group Name
local variable to the name of the endpoint identity group to add endpoints to - If you want to change the name of this workflow in the pivot menu, change its display name
Targets
Note: If your Cisco ISE deployment is on-premises and not accessible from the internet, you will need a SecureX orchestration remote to use ISE with orchestration.
Target Group: Default TargetGroup
Target Name | Type | Details | Account Keys | Notes |
---|---|---|---|---|
Cisco ISE ERS | HTTP Endpoint | Protocol: HTTPS Host: ISE Primary Admin Node Port: 9060 Path: None | ISE_ERS_Credentials |
Account Keys
Account Key Name | Type | Details | Notes |
---|---|---|---|
ISE_ERS_Credentials | HTTP Basic Authentication | Username: ISE Username Password: ISE Password | Must have ERS Admin permission |