03-02-2021 12:01 PM
I am trying to gain access to more attributes such as MacOS version since Apple may stop putting the version number in the User Agent field. I have JAMF as an MDM and already use it to validate compliance for VPN clients. I'm wondering if anyone has used an MDM lookup strictly as a means to gain more attributes for a device. I know reaching out to MDM for authZ can add additional connectivity time, so I'm not really wanting to do that. But is there another way for me to reach out to the MDM to check a device?
Solved! Go to Solution.
03-03-2021 05:32 PM
The MDM API is mainly intended to validate Registration/Compliance status of the endpoint from the MDM/DDM and is only triggered by an AuthZ Policy that uses those attributes.
The ideal mechanism for external systems to share endpoint contextual data with ISE would be via pxGrid, but JAMF would need to develop a pxGrid publisher mechamism that ISE could then consume as a subscriber.
03-03-2021 05:32 PM
The MDM API is mainly intended to validate Registration/Compliance status of the endpoint from the MDM/DDM and is only triggered by an AuthZ Policy that uses those attributes.
The ideal mechanism for external systems to share endpoint contextual data with ISE would be via pxGrid, but JAMF would need to develop a pxGrid publisher mechamism that ISE could then consume as a subscriber.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide