02-27-2025 03:33 AM
I have recently upgraded ISE to patch 10. It is on version 3.1. My CSR was expiring and we have renewed it. After renewal there is a strange behavior within ISE. My ISE runs for two types of systems, Windows 11 Autopilot and Windows 10. Windows 10 works via AD domain authentication EAP-TLS and it is working fine. But for Windows 11, a few users can authenticate and a few cannot. The error that ISE gives me is device registry in MDM is false and it fails on authorization policy. But when we check in MDM, which is Intune, the device is compliant as well as registered. This is causing issues.
The only thing that changed was the CSR, but yes, the certificate chain did change. The intermediate certificate on the customer end changed. We do have all required certs in the ISE trusted store though.
02-28-2025 03:56 AM
@dl-atos-ukit-network-support Did you update the Azure App with the new ISE certificate? The Azure App needs to trust the ISE admin certificate. If yes, did you try to test the connection to see whether it is failing or successful? If there is any issue with the certificate, the connection is going to fail.
In addition, you can check logs in the report Operations > Reports > Reports > Endpoints and Users > External Mobile Device Manager
03-02-2025 09:56 PM
Hi,
Yes, the new certificate was uploaded to the Azure app. The test connection shows successful under external MDM.
The error it throws under live logs is MDM register status is false, but in Intune it is registered as well as compliant.