Security

My customer has a fairly simple implementation of MobileIron as an endpoint context server.  The role mapping policy was created to set a role based on attributes in MobileIron:  Ownership == Employee or Corporate, and OS Version.

After upgrading from 6.6.x to 6.7.9, the polling data from MobileIron is incorrect. 

What we're seeing indicates that ClearPass is not parsing the ":" delimiter, e.g. the hostname should be "ABCD1234" but instead shows as "ABCD1234:iOS 11.4:PDA"; the OS Version is incorrect (should say "11.4", now says "iPhone"), and the Ownership attribute is always wrong (says "Employee" for all endpoints now, regardless of the value in MobileIron).

This is obviously causing havoc in the role mapping policy, and has forced us to put in workarounds which essentially ignore all of the MobileIron context.

TAC's only suggestion is to upgrade to 6.8.0 (which isn't available yet, so how is this a solution???) so I was wondering if anyone else has seen this and if you found a solution?

6.8.0 is available through asp or mnp, dont see it yet in the support.arubanetworks.com portal

-EDIT- Now it is also available at support.arubanetworks.com

It is available

https://support.arubanetworks.com/DownloadSoftware/tabid/75/DMXModule/510/EntryId/33718/Default.aspx

Ok, so now 6.8.0 is available, but there's nothing in the release notes about this specific issue with MobileIron.  TAC has filed a bug report so we'll have to wait and see if there will be a patch.