Hi there,
We are heavy users of User Device Tracker (UDT) and rely on it to map users to switchports in our environment. Currently, UDT works very well for on-premises AD–joined devices because it correlates DC login events (4624) with network switchports.
However, we are increasingly seeing endpoints that are 100% Microsoft Entra ID (Azure AD)–joined. These devices authenticate entirely in the cloud, so no successful logon events are generated on our on-prem domain controllers. As a result:
- UDT cannot track user-to-port mappings for Entra-only devices
- Visibility into the network for modern cloud-first endpoints is lost
- Hybrid and cloud-first environments cannot fully leverage UDT’s capabilities
Feature request:
We would like UDT to support Microsoft Entra ID–only devices, ideally by:
- Integrating with Entra ID Sign-in logs to map users to IP addresses
- Allowing correlation with DHCP or switch ARP tables to infer the switchport
- Maintaining the same user-to-port visibility model currently available for on-prem AD devices
This enhancement would make UDT viable in cloud-first and hybrid environments, which are becoming the standard in enterprise networks.
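The correlation requested above (sign-in record to IP, IP to DHCP lease, lease MAC to switchport), as an added example that is not part of the original post and not UDT's own logic. The sign-in field names follow the Microsoft Graph signIn resource; the lease and MAC-table layouts, all sample values, and the premise that the logged address is the client's internal DHCP address rather than a NAT egress address are assumptions.

```python
from datetime import datetime, timezone

def ts(s):
    """Parse a UTC timestamp such as 2024-05-01T08:00:00Z."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

# Constructed sample data (not real logs).
SIGNINS = [
    {"createdDateTime": "2024-05-01T08:05:00Z",
     "userPrincipalName": "alice@example.com", "ipAddress": "10.20.0.15"},
    {"createdDateTime": "2024-05-01T13:10:00Z",
     "userPrincipalName": "bob@example.com", "ipAddress": "10.20.0.15"},
    {"createdDateTime": "2024-05-01T09:00:00Z",
     "userPrincipalName": "carol@example.com", "ipAddress": "203.0.113.7"},
]
# (ip, mac, lease start, lease end): the same address is reissued at noon.
LEASES = [
    ("10.20.0.15", "aa:bb:cc:00:00:01", "2024-05-01T08:00:00Z", "2024-05-01T12:00:00Z"),
    ("10.20.0.15", "aa:bb:cc:00:00:02", "2024-05-01T12:00:00Z", "2024-05-01T16:00:00Z"),
]
# MAC -> (switch, access port), as learned from switch forwarding tables.
MAC_TABLE = {
    "aa:bb:cc:00:00:01": ("sw-access-1", "Gi1/0/12"),
    "aa:bb:cc:00:00:02": ("sw-access-2", "Gi1/0/3"),
}

def lease_mac(ip, when, leases):
    """Return the MAC that held `ip` at time `when`, or None."""
    for lease_ip, mac, start, end in leases:
        if lease_ip == ip and ts(start) <= when < ts(end):
            return mac
    return None

def correlate(signins, leases, mac_table):
    """Map each sign-in to a switchport; unresolved rows keep None fields."""
    rows = []
    for s in signins:
        mac = lease_mac(s["ipAddress"], ts(s["createdDateTime"]), leases)
        switch, port = mac_table.get(mac, (None, None))
        rows.append({"user": s["userPrincipalName"], "ip": s["ipAddress"],
                     "mac": mac, "switch": switch, "port": port})
    return rows

if __name__ == "__main__":
    for row in correlate(SIGNINS, LEASES, MAC_TABLE):
        print(row)
```

Matching on the lease window rather than the address alone keeps a reissued IP from attributing one user's port to another; the third record stays unresolved because its address has no lease.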