We have ISE 3.3 Patch 3.
We have two domain-joined posture conditions as follows
- Azure_AD_Join - This condition checks if the machine is Azure AD joined
- Onprem_Domain - This condition checks if the machine is AD joined
Both condition works as per expectation. In normal conditions, a machine can be part of either domain.
Now, We are trying to extract a report listing the machines where both domain-joined conditions failed. (Trying to find any machines which are not domain joined). We know that ISE Reporting has two reports available to the administrator: Posture Assessment by Condition and Posture Assessment by Endpoint.
If we apply a single condition, "Azure_AD_Join", we get a report where the Condition Status is failed, but when checking, we found the machine is part of On-Prem AD and Vice Versa.
If we combine both conditions, we get 0 entries, which indicates we don't have any machine where both conditions fail. However, we have a machine where both conditions are failing.
We want to know why this report filter is not working as expected.