Re: [WIRELESS-LAN] Force Windows to send UPN
Here is what we ended up doing. Quoted from our Enterprise Client Team e-mail….. We have had some reported issues with the Eduroam single sign on GPO. The GPO, called _PUBLIC-Eduroam Wireless Config, allows laptops to connect to Eduroam before logon as long as the UPN is used as the username – haw...@uiowa.edumailto:haw...@uiowa.edu. The issue occurs after the computer connects and logs in fine. Then while it is being used it disconnects from Eduroam and never reconnects. It tries to reconnect with iowa\HawkID, which causes the failure. I have created a fix for this by adding a second wireless profile to the GPO called Eduroam Reconnect. The original profile is still there, so single sign on works as expected. If during regular use the machine disconnects from Eduroam and fails to reconnect, it falls back to Eduroam Reconnect which prompts for a user ID. This allows the user to type haw...@uiowa.edumailto:haw...@uiowa.edu and reconnect to the Wireless network again. If they are disconnected again, it will reconnect using this profile without prompting. We have this implemented in a few places around campus, and I’d like to add it to the public GPO. Let me know if you have any issues or concerns. Otherwise, I’ll make the change at the end of the day. It's not elegant, but it does work… -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: +1 319 384-0938tel:+13193840938 Fax: +1 319 335-2951tel:+13193352951 E-Mail: neil-john...@uiowa.edumailto:neil-john...@uiowa.edu Lync: neil-john...@uiowa.edusip:neil-john...@uiowa.edu From: Walter Reynolds wa...@umich.edumailto:wa...@umich.edu Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Date: Thursday, November 14, 2013 10:25 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU WIRELESS-LAN@LISTSERV.EDUCAUSE.EDUmailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Force Windows to send UPN I would be interested in the answer as well. Walter Reynolds Principal Systems Security Development Engineer Information and Technology Services University of Michigan (734) 615-9438 On Thu, Nov 14, 2013 at 10:01 AM, Tim Cappalli cappa...@brandeis.edumailto:cappa...@brandeis.edu wrote: Morning, Does anyone know of a way to force Windows to pass credentials in the UPN format instead of NETBIOS when using the “Automatically use Windows credentials” option for user authentication? Is there a group policy option to disable legacy NETBIOS use for authentication? For example, my user account: NETBIOS:USERS\cappalli UPN: cappa...@brandeis.edumailto:cappa...@brandeis.edu Thanks for the help Tim Tim Cappalli, Network Engineer LTS | Brandeis University x67149 | (617) 701-7149tel:%28617%29%20701-7149 cappa...@brandeis.edumailto:cappa...@brandeis.edu ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
BlackBerry Z10 issue with 802.1x authentication
Has anyone experienced 802.1x authentication issues with Blackberry Z10/Q10? We have Cisco WiSMs and ACS 5.3 deployment using PEAP authentication. Recently I have found Z10 cannot authenticate. ACS does not have any logs for the device. We use Thawte certificate and all intermediate certificates are configured on ACS. The Z10 can connect to our open SSID. Any advices? Thanks. --- Dennis Xu Analyst 3, Network Infrastructure Computing and Communications Services(CCS) University of Guelph 519-824-4120 Ext 56217 d...@uoguelph.ca www.uoguelph.ca/ccs ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Interop- Looking For Speakers
This is the only post on the topic I'll make on the list, and please make sure all responses come to me directly. There is an incredible amount of WLAN talent in the higher ed space, and we've been doing the BYOD thing since before it became a fashionable topic. Many of us have designed, grown, and operate some of the biggest wireless networks in the world and keep them going despite the often chaotic nature and many types of higher ed network clients and devices. And every now and then it's good for one or two of us to get up in front of people and share our perspective on wireless with the world. That being said, I have the honor of being the Chairperson for the Mobility Tack at this Year's Interop show in Las vegas. http://www.interop.com/lasvegas/ I spoke at both Interop events last year (I had a session on Preparing for 11ac, and another on When Good Wireless Feels Bad) and the experience was absolutely worth doing. I'd love to get at least one or two passionate peers from higher ed involved, and can share the details in direct email if you have an interest. Sessions are an hour, and there will be at least one panel discussion. I have some topics already defined, and there is certainly room for good session ideas. Thanks much, Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Bridgewave 80 GHz Bridges, Just came out of service
We have just retired two licensed 80 GHz (FE80-U) units, and I don't see them being installed again anywhere here on our end (they are incredible units, we just don't have the need). Wondering if anyone on either list uses these and may be interested in attractively priced spares? Thanks- Lee Badman ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Re: [WIRELESS-LAN] WLC 7.5 Prime 1.4
I'm using 7.5 on some 8510s w/PI1.3 , mainly due to CSCty84682 - dropping mcast packets (ex. bonjour announcements). As a formerly discussed topic, I'm finding browser support is growing evermore painful. I was holding off on PI 1.4 hoping not to get myself wedged into a specific train, but I'm aiming to move to it for improved browser support alone. I could inquire with Cisco but, I'm here... Anyone have current info on the WLC/PI roadmap? Any sense if 2.0 will merge into 2.1 or will they remain separate trains? We’re using that combo. Seems to be quite a bit more stable than 7.4. Regards, Eric Barnett Senior Network Engineer/Wireless Administrator Information and Technology Services Arkansas State University (870) 680-4243 http://wireless.astate.edu *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] *On Behalf Of *Alan Nord *Sent:* Friday, November 08, 2013 8:10 AM *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU *Subject:* [WIRELESS-LAN] WLC 7.5 Prime 1.4 Anyone using the WLC 7.5 and PI 1.4 combination? If so, has it been stable? I have a case open with Cisco regarding client association and roaming issues and the solution is to upgrade to 7.5 code to fix the bug. I am currently running version 7.2 on two 5508 controllers with mainly 1142, 3502 and 3602 APs. Anything to be aware of when upgrading from 7.2 to 7.5? Thanks, Alan -- Alan Nord, CCNA Infrastructure Manager Information Technology Services Macalester College 1600 Grand Avenue St. Paul, MN 55105 ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.