We might need to push different configuration profile for users based on the device type while OnBoarding
For example iOS devices need to have a Passcode Policy but not for MAC OS X.
We can achieve this by pushing different configuration profiles during Application Authorization request based on the Device-Name, we can send a ClearPass:Configuration-Profile-ID attribute in Enforcement Profile.
Configure a Passcode Policy under Onboard » Configuration » iOS Settings
Now we need to map the above configured iOS setting to the Configuration profile. Create a new Configuration profile for iOS devices and map the passcode policy as below
We will have the Default configuration profile that has only Networks and another Configuration profile and iOS configuration profile that has Networks and Passcode Policy.
We will have the Default configuration profile in the Provisioning settings as all devices except iOS devices will get that profile.
In Policy Manager we ned to create an Enforcement profile for iOS devices.
When we edit the configuration profile, it will show the id in the URL as below
The Enforcement policy conditions should be as below
The following iOS device gets a different Enforcement profile that satisfied the above Enforcement policy conditions