UPDATED TechNote V3: ClearPass and Microsoft Intune Extension Integration

ClearPass Team,


Please find enclosed information and details related to ClearPass and Microsoft Intune integration. In this updated TechNote read how to setup and configure ClearPass Policy Manager and Microsoft Intune Cloud-based MDM.


In this release, we have enhanced the integration to simplify the process of collecting the necessary data from Microsoft to complete the configuration. Additionally, within this release of the extension we have added support for a new Intune attribute – Ownership. This has been requested by a number of customers and MSFT finally delivered this very recently. With this new endpoint context, we now have the ability to understand and differentiate how Intune understands a managed device, i.e. a Corporately owned device vs a Personal [BYOD] device.


You can find the document on the support site located here



Happy reading – go fill your boots..!!….. comments and feedback/suggestions graciously accepted. 




Best Regards

ClearPass Product Manager

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
New Contributor

Re: UPDATED TechNote V3: ClearPass and Microsoft Intune Extension Integration

Good read, thanks for this updated technote release.

Several questions:


What destinations is our ClearPass cluster required to reach?

I found the following destinations buried in an old Aruba presentation:

Is this it? or is there other location rules that should be added?




In the instruction on page 8:

Next click on ‘API Guest Operator’ and select ‘Duplicate’. ClearPass will copy the profile and call it ‘API
Guest Operator (2)’. Now edit and rename it to be ‘API Extension Profile’.


There is no API Guest Operator profile present in our vanilia system install to duplicate. What is the correct profile to duplicate or listing of all profile settings needed to create a new profile.




Guest Blogger

Re: UPDATED TechNote V3: ClearPass and Microsoft Intune Extension Integration



The ClearPass InTune Integration Guide v3.0 isn't complete anymore. At least that is what I noticed when following the steps. One additional step should be added. After setting the required permissions under the app registration on page 19 you have to click “Grant Permissions” (see attachment).


If you don't do this, ClearPass will not be able to fetch attributes from InTune.

@rene_booches | AMFX #26, ACMX #438, ACCX #725, ACDX #760, CCNP R&S, CEH | Co-owner/Solution Specialist@4IP / blog
Contributor I

Re: UPDATED TechNote V3: ClearPass and Microsoft Intune Extension Integration


When following the v3 tech-note guide, be careful when copy and pasting the XML Authorization Source on page 29. On page 27 the filter query is written out correctly. On page 29, although it looks correct, when you copy and paste it into XML the last hyphen (between Address and NoDelim) is missing. Do a “search” in the doc and you’ll see you only get 1 match for this: ?macAddress=%{Connection:Client-Mac-Address-NoDelim} when it appears to be in the doc twice.


?macAddress=%{Connection:Client-Mac-Address-NoDelim} = Correct format from page 27.

?macAddress=%{Connection:Client-Mac-AddressNoDelim} = Incorrect format from page 29 after copy and paste.

Search Airheads
Showing results for 
Search instead for 
Did you mean: