The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Tomasz Wolniewicz <twoln AT umk.pl>]

Hi Andrea,
  my main problem with this approach is that we would be giving a confusing message to the users - if you are in Windows use just the username part, but when you are configuring iOS then put the name with the realm. I think this is way worse then just a single message - your eduroam username is the whole thing including the realm and always provide it as such. This is a one time action so the impact is not really severe.

I will try to take a look at the messages and see how to fit the extra info unless we are told that realm-less usernames are actually used and that such a message would not be a good idea. We could still make this a configurable option, of course.

Tomasz

W dniu 2013-11-04 09:59, Andrea Delise pisze:

In our institution we are still testing cat (we joined in a couple of weeks ago). I noticed too the issue with the realm on the username prompt page. My own first test failed because I thought it could be set automatically.

For my institution it would be perfect to have an enforcement of the domain name. But I know some other institutions where it could be rather complicated to manage different sub domains.

A quick and dirty solution, in my opinion, could be to state clearly on the cat software window that asks for the username to fill it in with the domain.

Best regards,

Andrea


On 11/02/2013 09:50 AM, Tomasz Wolniewicz wrote:

I was about to write the same as Stefan, but then decided not to :). The reason being that while all that Stefan says is true, in practice it proably is not used. For instance, I do nor see how to make this happen in Windows PEAP. When the user enteres the user-name, and the anonymous identity is set, then the outer name becomes the preset user part plus the realm of the inner identity. Of course when you use TTLS you are essentially free to use completely separate names. I do not know, perhaps there are sites not using Windows PEAP at all and using names like Stefan describes. However, at this stage, on Windows, we are not able to set the inner user-name part in TTLS, so for now we could not implement this request anyway.

Tomasz

-----

Tomasz Wolniewicz

-- 
______________________________________________
Andrea Delise
tel: +39-040-3787537  e-mail: delise AT sissa.it
SISSA Information Technology and Computing Services www.itcs.sissa.it 
via Bonomea 265 - I 34136 Trieste - Italy

-- 
Tomasz Wolniewicz    
          twoln AT umk.pl        http://www.home.umk.pl/~twoln

Uczelniane Centrum Informatyczne   Information&Communication Technology Centre
Uniwersytet Mikolaja Kopernika     Nicolaus Copernicus University,
pl. Rapackiego 1, Torun               pl. Rapackiego 1, Torun, Poland
tel: +48-56-611-2750     fax: +48-56-622-1850       tel kom.: +48-693-032-576