Security

Reply

Clearpass / Soti Integration (MDM Enabled Endpoint tag)

Hi All,

 

I've setup the integration between Clearpass and Soti Mobicontrol and am looking at the enformcent policies now.

 

I want to use the "MDM Enabled" one that's memtioned in the "Clearpass MDM Integration V2 technote but I can't see it in the list of available options... 

 

Here's what should be available:

 

soti cppm.PNG

 

Here's what I can see:

 

endpoint identifier.png

 

Soti integration appears to be ok as I can see nice healthy messages in the event viewer.

 

Can anyone help please?


Thanks

James


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Guru Elite

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

You use Endpoint:MDM Enabled Equals True to check that attribute...

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

That's what I gathered from the technote however there is no "MDM Enabled" Endpoint tag.

 

 


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Guru Elite

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

Do you see any devices in the Endpoint database with extended attributes from the MDM? 

 

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

I can see the following:

 

My endpoint with extended attributes.

 

cppm endpoint.png

 

and here are my available endpoint tags.

 

cppm endpoint tag.png

 

...

 

cppm endpoint tag1.png


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Guru Elite

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

It looks like "mdm enabled" attribute is not being populated, and that might be a bug.  What version of CPPM is this?

 

As a workaround you can you use Endpoint: MDM Identifier Exists to check to see if the device is under management?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

I'm running CPPM 6.2.2.56621.

 

I'll have a go at using the MDM Identifier tag and see how it goes...

 

Thanks Colin.


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

Also you can see my devices shows as compromised in the extended attributes however my device is running a stock ROM and is not rooted.

 

cppm endpoint.png

 

 


Cheers
James
----------------------------------------------------------------------
--------------------------@whereisjrw--------------------------
---------------------------------blog-------------------------------
ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11
----------------------------------------------------------------------
----------------------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
pto
Contributor I

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

Did you find a solution to this? /PoTski
Moderator

Re: Clearpass / Soti Integration (MDM Enabled Endpoint tag)

Their was a bug identified that was fixed in the 6.3.x code.

 

Note: Also fixed in 6.2.5

 

From the screen shot you can see that the fields missing have been added into the SOTI endpoint attributes.


Best Regards
-d

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: