What information do you have in the certificates for the user and computer? Is it Windows computers or other devices you have in Intune?
With EAP-TLS you will only utilize one certificate, either the computer certificate or the user certificate. The machine certificate is presented when no user is authenticated and the user certificate when a user has logged on to Windows.
With EAP-TEAP you can send both certificates at the same time, but ClearPass will only utilize information from one of the certificates for Authorization. I think it's the user certificate it will utilize if a computer has a logged on user, otherwise the machine certificate information.
In your case the Intune lookup in the Endpoints repository should be able to find the MAC address of the WLAN NIC, but remember that a wired NIC MAC address isn't populated by Intune and thus not searchable in the Endpoints repository or the Intune Extension. If you are planning to use wired NIC's you must have the Intune ID in the certificate and search for this information.
Have you verified that the username in the certificate and Entra ID is matching?
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------