Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3626
Views
5
Helpful
6
Replies

Looking for a Cisco ISE configuration to work with Microsoft Intune

Go to solution
latenaite2011
Level 4
Level 4

‎08-12-2021 07:54 PM

Hey everyone,

 

Looking for a configuration guide or best practice setting for Cisco ISE policy to work with Microsoft Intune using EAP-TLS.

 

Thanks!

LN

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎08-13-2021 01:35 AM

 

  - FYI : https://docs.microsoft.com/en-us/troubleshoot/mem/intune/integrate-cisco-ise-intune

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

Go to solution
craiglebutt
Level 4
Level 4

‎08-13-2021 07:01 AM

hi

 

Don't know why Microsoft can't make a API for it, specially as change are made.

Had to reconfigure this twice, these are the certs required

 

Baltimore CyberTrust Root,

Microsoft RSA TLS CA 01

DigiCert SHA2 Secure Server CA

DigiCert Global Root CA

 

Cheers, hope it helps

View solution in original post

0 Helpful
6 Replies 6

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎08-13-2021 01:35 AM

 

  - FYI : https://docs.microsoft.com/en-us/troubleshoot/mem/intune/integrate-cisco-ise-intune

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
latenaite2011
Level 4
Level 4
In response to marce1000

‎08-16-2021 03:58 PM

Thanks Marce1000 for the reply.

Will this work with the Microsoft CA Server upgraded to SHA2?
0 Helpful

Go to solution
craiglebutt
Level 4
Level 4

‎08-13-2021 07:01 AM

hi

 

Don't know why Microsoft can't make a API for it, specially as change are made.

Had to reconfigure this twice, these are the certs required

 

Baltimore CyberTrust Root,

Microsoft RSA TLS CA 01

DigiCert SHA2 Secure Server CA

DigiCert Global Root CA

 

Cheers, hope it helps

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to craiglebutt

‎08-14-2021 03:06 PM

Criag:- Usually ISE needs trusting the root CA certificates only because the web servers of the API endpoints should send the full chains.

https://aka.ms/AzureCertUpdate has info on Azure TLS cert changes.

 

0 Helpful

Go to solution
networks-at
Level 1
Level 1

‎08-24-2021 05:51 AM

Spent a good while importing certs into ISE and changing graph URL's only to find our ISE app in Azure needed AAD graph permissions (should have had by default apparently according to Azure support) as well as Microsoft Graph/Intune permissions that is in the documentation.

0 Helpful
Customers Also Viewed These Support Documents