cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

406
Views
0
Helpful
1
Replies
Highlighted
Beginner

MDM Server Cache

Hi,

 

We have come across an issue that we hope you can help with.

Does anybody know if the posture cache setting applies to external MDM server? (see attached picture).

The reason i ask is that we've recently had an issue where 2 devices are being marked as non-compliant on ISE however they are showing as compliant on the external MDM server (i.e. Microsoft Intune).

Is there a way to delete this cache so that ISE checks against the MDM server as it appears to only be looking at the cached version on ISE.

For reference (and testing) we have set the external MDM server polling interval to 15 minutes and the Time Interval for compliance device reauth query to 1 minute however this doesn't seem to be working.

Any help is appreciated.

Thanks in advance.

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

For your query, Does anybody know if the posture cache setting applies to external MDM server?

"Cache Last Known Posture Compliant Status" is not applicable to MDM attributes refresh.

Can you cross verify from ISE (Context Visibility > Endpoints > Compliance dashboard, search for the endpoints where you have seen this issue) whether MDMCompliant  attribute is updated to true/false ?

if it isn't reflecting MDMCompliant=true, you can do "Refresh MDM Partner Endpoint" from same context visibility MDM options.

 

View solution in original post

1 REPLY 1
Highlighted
Cisco Employee

For your query, Does anybody know if the posture cache setting applies to external MDM server?

"Cache Last Known Posture Compliant Status" is not applicable to MDM attributes refresh.

Can you cross verify from ISE (Context Visibility > Endpoints > Compliance dashboard, search for the endpoints where you have seen this issue) whether MDMCompliant  attribute is updated to true/false ?

if it isn't reflecting MDMCompliant=true, you can do "Refresh MDM Partner Endpoint" from same context visibility MDM options.

 

View solution in original post

Content for Community-Ad