Security

Hello,

In the Clearpass Intune version 6 extension configuration I see two options I would like to understand; enableUserGroups and userGroupUpdateSchedule.

{
"logLevel": "INFO",
"verifySSLCerts": true,
"azureADEndpoint": "login.microsoftonline.com",
"graphEndpoint": "graph.microsoft.com",
"tenantId": "********",
"clientId": "********",
"clientSecret": "********",
"syncPageSize": 50,
"enableSyncAll": true,
"syncAllSchedule": "*/2 * * * *",
"syncUpdatedOnly": true,
"syncAllOnStart": true,
"enableEndpointCache": false,
"endpointCacheTimeSeconds": 900,
"intuneAttributes": null,
"enableUserGroups": true,
"userGroupUpdateSchedule": "*/2 * * * *",
"bypassProxy": false,
"enableStats": false,
"statsUsername": "",
"statsPassword": "********"
}

In the log I see the following
[2022-08-05T12:02:00.885] [INFO] Intune - User/Group update complete. Processed 9 Groups and 7 Users in 835.410815 ms.
[2022-08-05T12:02:00.885] [INFO] Intune - There are currently 9 Groups, 7 Users and 9 User-Group mappings in the database.

So it seems to be doing something. But where do I see those attributes in ClearPass? Can I use them in a policy?

I would like to differentiate certain computers based on for example a security group in Intune.

Hope someone can assist me further,

With kind regards,

Rens

Hello,

In the Clearpass Intune version 6 extension configuration I see two options I would like to understand; enableUserGroups and userGroupUpdateSchedule.

{
"logLevel": "INFO",
"verifySSLCerts": true,
"azureADEndpoint": "login.microsoftonline.com",
"graphEndpoint": "graph.microsoft.com",
"tenantId": "********",
"clientId": "********",
"clientSecret": "********",
"syncPageSize": 50,
"enableSyncAll": true,
"syncAllSchedule": "*/2 * * * *",
"syncUpdatedOnly": true,
"syncAllOnStart": true,
"enableEndpointCache": false,
"endpointCacheTimeSeconds": 900,
"intuneAttributes": null,
"enableUserGroups": true,
"userGroupUpdateSchedule": "*/2 * * * *",
"bypassProxy": false,
"enableStats": false,
"statsUsername": "",
"statsPassword": "********"
}

In the log I see the following
[2022-08-05T12:02:00.885] [INFO] Intune - User/Group update complete. Processed 9 Groups and 7 Users in 835.410815 ms.
[2022-08-05T12:02:00.885] [INFO] Intune - There are currently 9 Groups, 7 Users and 9 User-Group mappings in the database.

So it seems to be doing something. But where do I see those attributes in ClearPass? Can I use them in a policy?

I would like to differentiate certain computers based on for example a security group in Intune.

Hope someone can assist me further,

With kind regards,

Rens

Hello,

In the Clearpass Intune version 6 extension configuration I see two options I would like to understand; enableUserGroups and userGroupUpdateSchedule.

{
"logLevel": "INFO",
"verifySSLCerts": true,
"azureADEndpoint": "login.microsoftonline.com",
"graphEndpoint": "graph.microsoft.com",
"tenantId": "********",
"clientId": "********",
"clientSecret": "********",
"syncPageSize": 50,
"enableSyncAll": true,
"syncAllSchedule": "*/2 * * * *",
"syncUpdatedOnly": true,
"syncAllOnStart": true,
"enableEndpointCache": false,
"endpointCacheTimeSeconds": 900,
"intuneAttributes": null,
"enableUserGroups": true,
"userGroupUpdateSchedule": "*/2 * * * *",
"bypassProxy": false,
"enableStats": false,
"statsUsername": "",
"statsPassword": "********"
}

In the log I see the following
[2022-08-05T12:02:00.885] [INFO] Intune - User/Group update complete. Processed 9 Groups and 7 Users in 835.410815 ms.
[2022-08-05T12:02:00.885] [INFO] Intune - There are currently 9 Groups, 7 Users and 9 User-Group mappings in the database.

So it seems to be doing something. But where do I see those attributes in ClearPass? Can I use them in a policy?

I would like to differentiate certain computers based on for example a security group in Intune.

Hope someone can assist me further,

With kind regards,

Rens

------------------------------
Rens
------------------------------