Thank you Herman, I created an TAC case.
Original Message:
Sent: Nov 10, 2023 08:41 AM
From: Herman Robers
Subject: ClearPass Intune extension
In that case you may need to go through TAC. If you have the extension ID from your current installation, you may be able to install based on the ID, but not sure if older versions are still posted.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Nov 09, 2023 08:53 AM
From: erik.boss
Subject: ClearPass Intune extension
Is there a guide available how to install it?
My search results gave me only the latest version in the extension.
Regards,
Erik
Original Message:
Sent: Nov 09, 2023 08:47 AM
From: Herman Robers
Subject: ClearPass Intune extension
Probably, yes... you can install multiple Intune extensions in parallel. Just be a bit careful to prevent that both extensions synchronize to the endpoint database at the same time. For HTTP Authorization, it shouldn't be an issue.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Nov 09, 2023 08:32 AM
From: erik.boss
Subject: ClearPass Intune extension
Hi Herman,
thanks for clarification.
But how can I migrate for the time being from the "old" cluster to the new one?
Is there a way to install a new and an older Intune extension?
Thanks,
Erik
Original Message:
Sent: Nov 09, 2023 08:17 AM
From: Herman Robers
Subject: ClearPass Intune extension
Erik,
That is expected. The newer Intune Extensions use different APIs (GraphAPI), instead of older (deprecated) APIs. Part of that is that lookup is done through the Intune DeviceID, no longer to the MAC address, except that you can use the sync option to sync Intune data to the Endpoint Database and lookup by (wireless!) MAC there.
I did a presentation at a recent event in Belgium, where the slides are posted here. It also explains why using the MAC address to lookup/link security data is a bad idea in many cases.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Nov 09, 2023 07:24 AM
From: erik.boss
Subject: ClearPass Intune extension
Hi guys,
I'm currently migrating ClearPass from 6.9 to 6.11 with ClearPass Intune extension.
In ClearPass 6.11 have the exact same service for the customers Wi-Fi but the ClearPass extension cannot lookup the mac-address. The extension is searching for the IntuneID which is not configured.
[2023-11-09T12:46:26.445] [INFO] Intune - [id] Request for information received from ::ffff:172.17.0.1.[2023-11-09T12:46:26.445] [DEBUG] Intune - [id] Performing device lookup.[2023-11-09T12:46:26.447] [INFO] Intune - [id] Device not found.
[2023-11-09T12:40:07.273] [DEBUG] Intune - ce32b8ad-a293-4a3e-a1c1-f079e91ab08a Processing the MAC Address 88c08b093017 for device da0fe22a-dadb-4974-aede-9535dfee773a...[2023-11-09T12:40:07.273] [INFO] Intune - ce32b8ad-a293-4a3e-a1c1-f079e91ab08a No updates to 45398 (88c08b093017) in ClearPass - skipping.[2023-11-09T12:40:07.273] [DEBUG] Intune - ce32b8ad-a293-4a3e-a1c1-f079e91ab08a Processing device b4272cd9-ba3a-4ecd-a5cf-d7fce00399d5.
My older Intune extension v4.0.0 is quering the mac-address the right way
[2023-11-08T13:20:51.516] [DEBUG] intune - Querying Intune at https://fef.msub05.manage.microsoft.com/StatelessNACService/devices[2023-11-08T13:20:55.366] [DEBUG] intune - Request received. /?macAddress=8cc681d10f2e
I don't have access to Intune myself but the new enterprise app is configured the same as the older ones.
What could be the issue? I cannot migrate the Wi-Fi users to the new cluster.
In the meanwhile I cannot test the wired part of my project as well.
Is there a bug or am I doing something completely wrong?
Thanks,
Best regards,
Erik