Onboard licenses are consumed for every use that has one or more client certificates in the internal CA of ClearPass. If you enroll client certificates outside ClearPass and from another CA than ClearPass, you will not need Onboard licenses. This stands apart from the question to use extensions, which are included in Access Licensing.
So the answer to the first question is no.
For the second question, if the certificates are provisioned through Intune, and not generated by ClearPass as a CA, no Onboard licenses are needed either.
Please validate with your partner, or local Aruba SE if you need a legally binding answer.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jan 28, 2022 10:32 AM
From: Stephen Vella
Subject: ClearPass Onboard- external CA / Clearpass Intune Extensions
If a customer is using Microsoft Enterprise CA and domain autoenrollment for pushing certificates to clients and/or Intune Endpoint Manager, does the customer still need to license the onboard license ?
Also, if customer decides to use Microsoft Intune Endpoint Manager for BYOD onboarding and one enables the Clearpass Intune Extensions, one still needs the Clearpass Onboard license ?
------------------------------
Stephen Vella
------------------------------