07-18-2018 01:02 AM
Hello Team,
My customer is testing Microsoft’s Intunes MDM solution with ISE. They reported being able to work with it successfully on the Wireless clients that registered on the cloud but ran into issues when they tried implementing it for wired.
The main question they are looking to answer is what is the unique identifier ISE uses to tell MS Intunes which client is authenticating? Is this the Mac address?
If it is the mac address, how would we identify an intunes client that registered on the cloud when they authenticate on the wire?
Thanks in advance.
Solved! Go to Solution.
07-18-2018 03:24 PM
Hi Yazan,
Please see the ISE integration guide. Though it is slightly older, the content is still good.
How to Integrate Microsoft Intune with ISE 2.1 Presentation
Thanks
Krishnan
07-18-2018 03:24 PM
Hi Yazan,
Please see the ISE integration guide. Though it is slightly older, the content is still good.
How to Integrate Microsoft Intune with ISE 2.1 Presentation
Thanks
Krishnan
02-01-2021 08:54 PM - edited 02-01-2021 09:36 PM
Hi Yazan,
I know it is an old post but posting for anyone else that searches because the answer isn't clearly stated anywhere else.
When ISE queries Microsoft Intune it appears to use the mac-address as the device identifier in the API call for example: https://xxx.xxxxx.manage.microsoft.com/StatelessNacService/ciscodeviceinfo/mdm/api/devices/?paging=0&querycriteria=macaddress&value=xxxxxxxx&filter=all
When a client registers with Intune, the mac-address of the device is collected and stored by Intune. When authenticating on the wire, the mac-address which is the calling station id, would be used by ISE to query Intune for the device status. (I hope I understood the question above). What I don't know is if ISE can be configured to use other available attributes to query Intune such as hostname which may be more desirable than using mac-addresses considering mac-address isn't always consistent e.g. mac-randomization, docking stations, usb ethernet adapters, thunderbolt ethernet adapters etc etc.
Regards,
He-Wun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide