ISE posture functionality with the Cisco An圜onnect Secure Mobility Client is not affected by the issue described in this field notice.Īdditional information for the MaMicrosoft security patch update can be found in Manage changes for Windows DCOM Server Security Feature Bypass. The security hardening changes are enabled by default and there is no ability to disable the security hardening changes after installation of the Microsoft security patch. For MDM solution deployments only, this causes the connection to the MECM server to fail and compliance information will not be obtained. Microsoft uses Distributed Component Object Model (DCOM) for communication between software components of networked devices.Īs part of security hardening, the Microsoft security patch update released on Mawill deprecate the low level authentication that is required by Cisco ISE. This query requires authentication with the MECM server. BackgroundĬisco ISE uses a Windows Management Instrumentation (WMI) query to obtain endpoint registration and compliance status from the MECM server. MDM - Connection to Microsoft SCCM fails after Windows DCOM Server Hardening for CVE-2021-26414įor all wired, wireless, and VPN deployment scenarios, the Cisco Identity Services Engine (ISE) for Mobile Device Management (MDM) solution deployments might no longer be able to connect and obtain compliance information from the Microsoft Endpoint Configuration Manager (MECM) after the MaMicrosoft security patch is installed.
0 Comments
Leave a Reply. |