Security

We have several MDM integrations with CPPM (JAMF and Airwatch) and i noticed some devices failing because they are not matching attributes used for enforcement.

Here is an example, this iPad was once in JAMF but now moved to Airwatch. Endpoint DB shows different info from Access Tracker which is causing the iPad to fail.

I have setup "Endpoint Context Server Interval = 5 minutes" so we get the most recent endpoint information from MDM's. Also cleaning modified Cleanup Intervals (see attachement) but no luck.

Thanks,

AP

Have you tried just outright deleting the device from the Endpoints Database and then polling AirWatch / JAMF to rediscover it as a new device? It's possible that because it was in one, it is retaining the attributes.

Yes i have done that, but get the same information back from MDM.

My concern is: When we initially onboard a device let’s say in JAMF, the endpoint gets updated on the next pull/fetch. Let’s say a week later that device gets moved from JAMF (manually deleted in JAMF) then enrolled in AIRWATCH, doesn’t that suppose to update the Endpoint record with new information and delete the old? Or do i have to also manually delete the record so the new one stays?

I am under the assumption that MDM should update/delete the record on clearpass on every pull/fetch every time there is a change. This is happening to multiple devices, not only one.

Currently i have the fetch set to every 5 minutes.