Guest

Preview Tool

Cisco Bug: CSCvv10092 - RBAC- Duplicating of a "Read only Admin Policy" does not work as expected

Last Modified

Jul 24, 2020

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

2.6(0.156)

Description (partial)

Symptom:
We created a duplicate Read Only Admin Policy -ATest
-- Created an test admin - RBACadmin 
-- Mapped it to a custom Admin group- RBACTestGroup
-- Since duplicated from the Read only admin policy the permissions are as below:
      -->Super Admin Menu Access
      -->Read Only Admin Data Access

However, we still get write access to all the policy sets (RADIUS and Device admin)
The Network resources however have the expected Read only access

Conditions:
Issue reproduced on ISE version 2.6 (no patch)

Also, observed in ISE 2.7
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.