A quick overview of the scenario: macOS devices are managed by Jamf Cloud. SCEP certificates are deployed from a Microsoft CA via the Jamf proxy. A custom sync workflow creates an AD object for each Jamf-managed device and ISE looks at the cert CN to perform a match to the AD object.
However, when automatic certificate renewal is enabled in Jamf Pro, a UUID is added to the CN of the deployed certificate, so this authorization flow now fails. There are several SANs in the certificate, and when "Any Subject or Alternative Name Attributes in the Certificate (for Active Directory Only)" is enabled in the policy, authentication is successful but with a significant delay. Is this delay to be expected?
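To illustrate the two matching behaviours described in the question, here is a small model of the lookup written for this page; it is an added example, not code from the poster, Jamf, or Cisco ISE. The AD computer names, the SAN entries, and the assumption that the renewed CN has the form `<name>-<uuid>` are all constructed (the post does not state the exact CN format), and the `ad_lookup` function stands in for whatever directory query the policy performs.

```python
import re

# Constructed sample data (not from the original post): AD computer objects
# created by the sync workflow, stored by their short computer name.
AD_COMPUTERS = {"MAC-0001", "MAC-0002"}

# Assumption: the renewed CN looks like "<name>-<uuid>". The real format is
# not given in the post, so this regex only strips a trailing UUID.
UUID_SUFFIX_RE = re.compile(
    r"[-_ ]?[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}"
    r"-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"
)

# Certificates reduced to the fields the policy looks at (constructed values).
CERT_BEFORE_RENEWAL = {
    "cn": "MAC-0001",
    "san": [("DNS", "mac-0001.corp.example"), ("UPN", "MAC-0001$@corp.example")],
}
CERT_AFTER_RENEWAL = {
    "cn": "MAC-0001-3f2a9c1e-7b4d-4e6a-9f0c-1d2e3f4a5b6c",
    "san": [("DNS", "mac-0001.corp.example"), ("UPN", "MAC-0001$@corp.example")],
}


def ad_lookup(value, ad=AD_COMPUTERS):
    """Stand-in for the directory query: case-insensitive match on computer name."""
    return value.upper() in {c.upper() for c in ad}


def san_to_name(kind, value):
    """Reduce a SAN entry to the short computer name an AD object would carry."""
    if kind == "DNS":
        return value.split(".", 1)[0]
    if kind == "UPN":
        return value.split("@", 1)[0].rstrip("$")
    return value


def match_cn_only(cert):
    """Original policy: match the AD object on the certificate CN and nothing else."""
    return ad_lookup(cert["cn"])


def match_any_attribute(cert):
    """'Any Subject or Alternative Name Attributes' policy.

    Tries the CN first, then each SAN in order. Returns the attribute that
    matched and how many candidates had to be looked up before it did.
    """
    candidates = [("CN", cert["cn"])]
    candidates += [(kind, san_to_name(kind, val)) for kind, val in cert["san"]]
    for tried, (kind, name) in enumerate(candidates, start=1):
        if ad_lookup(name):
            return kind, tried
    return None, len(candidates)


def match_cn_stripped(cert):
    """Alternative: remove the trailing UUID (assumed format) before the CN lookup."""
    return ad_lookup(UUID_SUFFIX_RE.sub("", cert["cn"]))


if __name__ == "__main__":
    for label, cert in (("before", CERT_BEFORE_RENEWAL), ("after", CERT_AFTER_RENEWAL)):
        print(label, "CN-only:", match_cn_only(cert),
              "any-attribute:", match_any_attribute(cert),
              "CN-stripped:", match_cn_stripped(cert))
```

Run as a script, the pre-renewal certificate matches on the CN straight away, the post-renewal certificate fails the CN-only check and only matches on the second candidate (the DNS SAN) under the any-attribute policy, and the UUID-stripping variant shows what a CN-based match would need to tolerate. The model says nothing about how ISE itself orders or caches its lookups; it only makes the difference between the two policies concrete.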