To configure an Identity Source Sequence (ISS), follow these steps in the ISE GUI:
Navigate: Go to Administration > Identity Management > Identity Source Sequences.
Add: Click the Add button to create a new sequence.
Basic Info: Provide a Name (e.g., ALL_ID_STORES) and a clear Description for future reference.
Certificate Auth (Optional): If you are supporting certificate-based logins, you can select a Certificate Authentication Profile (CAP) from the dropdown.
Select Sources: In the Authentication Search List, move the identity stores you want to check (such as Active Directory, LDAP, or Internal Users) from the "Available" box to the "Selected" box.
Set Order: Use the arrows to arrange the stores in the specific top-to-bottom order you want ISE to check them.
Error Handling: Under Advanced Search List Settings, decide how ISE should behave if a store is unreachable—either terminate the search with a "ProcessError" or continue to the next store in the sequence.
Save: Click Submit to complete the configuration.
Once created, you can use this sequence in your Authentication Policies to simplify rules that need to check multiple databases.
