View Only
last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Clearpass Intune version 6 enable User Groups

This thread has been viewed 15 times
  • 1.  Clearpass Intune version 6 enable User Groups

    Posted Aug 05, 2022 07:28 AM


    In the Clearpass Intune version 6 extension configuration I see two options I would like to understand; enableUserGroups and userGroupUpdateSchedule.

    "logLevel": "INFO",
    "verifySSLCerts": true,
    "azureADEndpoint": "",
    "graphEndpoint": "",
    "tenantId": "********",
    "clientId": "********",
    "clientSecret": "********",
    "syncPageSize": 50,
    "enableSyncAll": true,
    "syncAllSchedule": "*/2 * * * *",
    "syncUpdatedOnly": true,
    "syncAllOnStart": true,
    "enableEndpointCache": false,
    "endpointCacheTimeSeconds": 900,
    "intuneAttributes": null,
    "enableUserGroups": true,
    "userGroupUpdateSchedule": "*/2 * * * *",
    "bypassProxy": false,
    "enableStats": false,
    "statsUsername": "",
    "statsPassword": "********"

    In the log I see the following
    [2022-08-05T12:02:00.885] [INFO] Intune - User/Group update complete. Processed 9 Groups and 7 Users in 835.410815 ms.
    [2022-08-05T12:02:00.885] [INFO] Intune - There are currently 9 Groups, 7 Users and 9 User-Group mappings in the database.

    So it seems to be doing something. But where do I see those attributes in ClearPass? Can I use them in a policy?

    I would like to differentiate certain computers based on for example a security group in Intune.

    Hope someone can assist me further,

    With kind regards,



  • 2.  RE: Clearpass Intune version 6 enable User Groups

    Posted Aug 26, 2022 12:40 PM
    Bump!  I am wondering the same thing


  • 3.  RE: Clearpass Intune version 6 enable User Groups

    Posted Aug 29, 2022 04:40 AM
    That is an unreleased/unfinished/undocumented feature, so it can't/should not be used and kept to default of enableUserGroups: false.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.