Skip to main content
cmaheu
Staff
cmaheu
Staff
November 23, 2020

Technical Tip: Hosts imported from Airwatch is less than expected

  • November 23, 2020
  • 0 replies
  • 1001 views

Description

 
This article provides steps to determine if there are invalid entries.
 
The number of hosts imported from Airwatch is less than the number expected.
 
Hosts imported from Airwatch will not be imported due to the following reasons:
  • Invalid MAC address (contains all zeros or duplicates).
  • Invalid enrollment status (anything other than 'Enrolled').


Scope

 

Version: 8.x.

Solution

 

Enable Debug and collect logs:
 
  1. Enable debug. Login to CLI as root and type:

    nacdebug -name AirWatchServer true
    nacdebug -name MdmManager true

  2. Start tail of output.master. Type:

    cd /bsc/logs
    tail -F output.master | tee MdmAWPollmaster.txt

  3. Under System -> Settings -> System Communication -> MDM Services, and select the AirWatch entry.

  4. Select Poll now.  The poll will take several minutes to complete.

  5. Once the UI displays poll is successful, ctrl-c to stop the tail.

  6. Disable debug. Type:

    nacdebug -name AirWatchServer false
    nacdebug -name MdmManager false
 
Evaluate Logs:
 
Invalid addresses (all zeros)
 

Command:


grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | grep 00000000 | wc -l

 

Example:  

 

grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | grep 00000000 | wc -l
4

 

Duplicate addresses:
Command:

 

grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | wc -l
grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | sort | uniq | wc -l

 

Example:  Even though there are:

 

grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | wc -l
8878

grep macAddress MdmAWPollmaster.txt | tr ',' '\n' | grep macAddress | sort | uniq | wc -l
8769

 

Invalid enrollment state:

FortiNAC will only import hosts whose enrollmentStatus=Enrolled.

Command:


grep enrollmentStatus MdmAWPollmaster.txt | tr ',' '\n' | grep enrollmentStatus | sort | uniq -c

 

Example:  8525 hosts have a valid enrollment status. The rest will not be imported.


grep enrollmentStatus MdmAWPollmaster.txt | tr ',' '\n' | grep enrollmentStatus | sort | uniq -c
34 enrollmentStatus=DeviceWipePending
5 enrollmentStatus=Discovered
4 enrollmentStatus=E
1 enrollmentStatus=En
1 enrollmentStatus=Enr
1 enrollmentStatus=Enro
3 enrollmentStatus=Enrol
2 enrollmentStatus=Enroll
1 enrollmentStatus=Enrolle
8525 enrollmentStatus=Enrolled
7 enrollmentStatus=EnrollmentInProgress
172 enrollmentStatus=Unenrolled
20 enrollmentStatus=WipeInitiated

For integration details, see the Airwatch MDM Integration reference manual in the Document Library.

Related Articles:

Technical Tip: Troubleshooting MDM registration issues

Technical Note: Airwatch polling stops before all records are returned

Terms & ConditionsAccessibility statement