Security

Hi All,

I've setup the integration between Clearpass and Soti Mobicontrol and am looking at the enformcent policies now.

I want to use the "MDM Enabled" one that's memtioned in the "Clearpass MDM Integration V2 technote but I can't see it in the list of available options... 

Here's what should be available:

Here's what I can see:

Soti integration appears to be ok as I can see nice healthy messages in the event viewer.

Can anyone help please?

Thanks

James

You use Endpoint:MDM Enabled Equals True to check that attribute...

That's what I gathered from the technote however there is no "MDM Enabled" Endpoint tag.

Do you see any devices in the Endpoint database with extended attributes from the MDM? 

I can see the following:

My endpoint with extended attributes.

and here are my available endpoint tags.

...

It looks like "mdm enabled" attribute is not being populated, and that might be a bug.  What version of CPPM is this?

As a workaround you can you use Endpoint: MDM Identifier Exists to check to see if the device is under management?

I'm running CPPM 6.2.2.56621.

I'll have a go at using the MDM Identifier tag and see how it goes...

Thanks Colin.

Also you can see my devices shows as compromised in the extended attributes however my device is running a stock ROM and is not rooted.

Their was a bug identified that was fixed in the 6.3.x code.

Note: Also fixed in 6.2.5

From the screen shot you can see that the fields missing have been added into the SOTI endpoint attributes.