Security

last person joined: 7 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Pulling Intune email attribute from endpoint repository

Jump to Best Answer
This thread has been viewed 56 times
  • 1.  Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 02:27 AM
    Hello,
      I have configured the Intune extension to download Intune attributes into the endpoint repository which works without issues. What I want to do is pull the Intune email address Endpoint:Intune Email Address I can see it in access tracker when I try to enforce on that attribute says "Policy server Failed to get value for attributes=[Endpoint:Intune Email Address]".  

    My enforcement is %{Authorization:[Endpoints Repository]:Endpoint:Intune Email Address}

    I'm assuming that I need to write a SQL filter query to do this beyond my capability anyone know what the filter query would be?





    ------------------------------
    Kelly L
    ------------------------------


  • 2.  RE: Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 04:57 AM
    Hi Kelly,

    The authorisation is only required if you would like to fetch profiling info like Device type or OS Family etc.
    To fetch the endpoint attributes you can directly use %{Endpoint: Attribute Name}, hence the attribute in your case should be %{Endpoint:Intune Email Address}.

    ------------------------------
    SANDEEP YADAV
    Global Escalation Center, ACCP | Aruba Software
    ------------------------------



  • 3.  RE: Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 10:13 AM
    I tried that I get a syntax error when I add the that to the filter. 

    The filter has been saved but has the following error:
    Invalid SQL syntax - ERROR: syntax error at end of input Position: 4  

    All the other SQL commands start with SELECT example 
    "SELECT mac_address AS User_Password FROM tips_endpoints WHERE mac_address = LOWER('%{Connection:Client-Mac-Address-NoDelim}') AND status = 'Known'"

    ------------------------------
    Kelly L
    ------------------------------



  • 4.  RE: Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 02:23 PM
    We don't have a create a custom SQL you can directly use it using %{Endpoint: Attribute Name} in role mapping or enforcement policies.
    Also, if you could elaborate on the requirement as where we are using this attribute?


    ------------------------------
    SANDEEP YADAV
    Global Escalation Center, ACCP | Aruba Software
    ------------------------------



  • 5.  RE: Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 04:53 PM
    I want to replace the user which is the mac address with the intune email address as part of a enforcement profile. That way when I see that person on the controller I know who they are by their email address as the user.  This is what I have in there now. 

    %{Authorization:[Endpoints Repository]:%{Endpoint:Intune Email Address}

    After authenticating the mac address the access tracker says.  

    Policy server Failed to get value for attributes=[Endpoint:Intune Email Address]


    ------------------------------
    Kelly L
    ------------------------------



  • 6.  RE: Pulling Intune email attribute from endpoint repository

    Posted Sep 17, 2021 06:24 PM
    That worked thanks

    ------------------------------
    Kelly L
    ------------------------------



  • 7.  RE: Pulling Intune email attribute from endpoint repository
    Best Answer

    Posted Sep 17, 2021 06:11 PM
      |   view attached
    You could import the attached zip under Policy Manager » Configuration » Enforcement » Profiles and use this profile in your enforcement policy.
    ZIP password 'aruba' without quotes.
    Snippet from the lab:


    Enforcement Profile:




    ------------------------------
    SANDEEP YADAV
    Global Escalation Center, ACCP
    ------------------------------

    Attachment(s)

    zip
    ReturnUsername.zip   832 B 1 version


  • 8.  RE: Pulling Intune email attribute from endpoint repository

    Posted 30 days ago
    How would I roll map other Intune Attributes when I look I don't see any names of the attributes in that drop down list.  Does this have to be added each time with an XML file?

    ------------------------------
    Kelly L
    ------------------------------



  • 9.  RE: Pulling Intune email attribute from endpoint repository

    Posted 29 days ago
    To see the available set of attributes that could be leveraged in policy, you can navigate to Policy Manager » Configuration » Identity » Endpoints » Attributes of an intune managed device.


    ------------------------------
    SANDEEP YADAV
    Global Escalation Center, ACCP
    ------------------------------



  • 10.  RE: Pulling Intune email attribute from endpoint repository

    Posted 29 days ago
      |   view attached
    When I try to find the Intune attributes in the drop down I don't see them for roll mapping.


    ------------------------------
    Kelly L
    ------------------------------



  • 11.  RE: Pulling Intune email attribute from endpoint repository

    Posted 29 days ago
    we have to use Endpoint: Attributes, 



    ------------------------------
    SANDEEP YADAV
    Global Escalation Center, ACCP
    ------------------------------



  • 12.  RE: Pulling Intune email attribute from endpoint repository

    Posted 29 days ago
    That worked thanks.

    ------------------------------
    Kelly L
    ------------------------------