cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Ole Frendved Hansen <olef AT dtu.dk>
- To: Stefan Winter <stefan.winter AT restena.lu>
- Cc: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Subject: Re: [[cat-users]] Inst-admins loosing their access
- Date: Wed, 1 Jun 2016 11:24:25 +0000
- Accept-language: da-DK, en-US
Ok, Thanks,
Then I will ask for more stable id’s from our federation.
Best, Ole
--
ole.frendved.hansen AT deic.dk
DeIC, Danish e-Infrastructure Cooperation, www.deic.dk
Den 01/06/2016 kl. 08.13 skrev Stefan Winter
<stefan.winter AT restena.lu>:
> Hello,
>
>> During the last 6-8 months several inst-admins have complained about lost
>> access to cat admin.
>> I’m the NRO-admin and when going to the admin web I still see them as
>> being admins.
>> When I re-invite they regain access, and I see a double entry with their
>> mail address in the admin GUI.
>>
>> Can this origin in some sort of db field corruption ?
>> The link btw IdP and the cat-account is another possible failing point.
>>
>> Any established knowledge on this issue?
>
> We had a couple of reports about similar problems. They were always due
> to change of user identifiers on the IdP side (i.e. different
> eduPersonTargetedID value).
>
> That is the nature of federated ID - the (supposed to be) stable and
> reliable user identifier we see is issued by a third party. If that
> third party changes the ID, we see an entirely new user, with no
> particular privilege until such privilege has been assigned to the "new"
> person. The fact that those two users have the same email address is
> insignificant: the mail address is *not* the user identifier.
>
> Greetings,
>
> Stefan Winter
>
>>
>>
>> Best, Ole
>> --
>> ole.frendved.hansen AT deic.dk
>> DeIC, Danish e-Infrastructure Cooperation, www.deic.dk
>>
>>
>>
>>
>> Den 31/05/2016 kl. 16.16 skrev Per Mejdal Rasmussen
>> <pmr AT its.aau.dk>:
>>
>>> Det virkede.
>>>
>>> On 31-05-2016 16:15, eduroam CAT Invitation System wrote:
>>>> Hello,
>>>>
>>>> an administrator of the eduroam Identity Provider "Aalborg University"
>>>> has invited you to manage the IdP together with him. To enlist as an
>>>> administrator for that IdP, please click on the following link:
>>>>
>>>> https://cat.eduroam.org/admin/action_enrollment.php?token=...
>>>>
>>>> If clicking the link doesn't work, you can also go to the eduroam CAT
>>>> Administrator Interface at
>>>>
>>>> https://cat.eduroam.org/admin/
>>>>
>>>> and enter the invitation token
>>>>
>>>> ...
>>>> manually. Please do not reply to this email, it is a send-only address.
>>>>
>>>> We wish you a lot of fun with the eduroam CAT.
>>>>
>>>> Sincerely,
>>>>
>>>> Your friendly folks from eduroam Operations
>>>>
>>>
>>> --
>>> Per Mejdal Rasmussen
>>> To unsubscribe, send this message:
>>> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>> Or use the following link:
>>> https://lists.geant.org/sympa/sigrequest/cat-users
>>
>
>
> --
> Stefan WINTER
> Ingenieur de Recherche
> Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
> de la Recherche
> 2, avenue de l'Université
> L-4365 Esch-sur-Alzette
>
> Tel: +352 424409 1
> Fax: +352 422473
>
> PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
> recipient's key is known to me
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
> <0x8A39DC66.asc>
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
- Re: [[cat-users]] Inst-admins loosing their access, Stefan Winter, 06/01/2016
- Re: [[cat-users]] Inst-admins loosing their access, Ole Frendved Hansen, 06/01/2016
Archive powered by MHonArc 2.6.19.