The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Ole Frendved Hansen <olef AT dtu.dk>]

Ok, Thanks,

Then I will ask for more stable id’s from our federation.

Best, Ole
--
ole.frendved.hansen AT deic.dk
DeIC, Danish e-Infrastructure Cooperation, www.deic.dk




Den 01/06/2016 kl. 08.13 skrev Stefan Winter 
<stefan.winter AT restena.lu>:

> Hello,
> 
>> During the last 6-8 months several inst-admins have complained about lost 
>> access to cat admin.
>> I’m the NRO-admin and when going to the admin web I still see them as 
>> being admins.
>> When I re-invite they regain access, and I see a double entry with their 
>> mail address in the admin GUI.
>> 
>> Can this origin in some sort of db field corruption ?
>> The link btw IdP and the cat-account is another possible failing point.
>> 
>> Any established knowledge on this issue?
> 
> We had a couple of reports about similar problems. They were always due
> to change of user identifiers on the IdP side (i.e. different
> eduPersonTargetedID value).
> 
> That is the nature of federated ID - the (supposed to be) stable and
> reliable user identifier we see is issued by a third party. If that
> third party changes the ID, we see an entirely new user, with no
> particular privilege until such privilege has been assigned to the "new"
> person. The fact that those two users have the same email address is
> insignificant: the mail address is *not* the user identifier.
> 
> Greetings,
> 
> Stefan Winter
> 
>> 
>> 
>> Best, Ole
>> --
>> ole.frendved.hansen AT deic.dk
>> DeIC, Danish e-Infrastructure Cooperation, www.deic.dk
>> 
>> 
>> 
>> 
>> Den 31/05/2016 kl. 16.16 skrev Per Mejdal Rasmussen 
>> <pmr AT its.aau.dk>:
>> 
>>> Det virkede.
>>> 
>>> On 31-05-2016 16:15, eduroam CAT Invitation System wrote:
>>>> Hello,
>>>> 
>>>> an administrator of the eduroam Identity Provider "Aalborg University"
>>>> has invited you to manage the IdP together with him. To enlist as an
>>>> administrator for that IdP, please click on the following link:
>>>> 
>>>> https://cat.eduroam.org/admin/action_enrollment.php?token=...
>>>> 
>>>> If clicking the link doesn't work, you can also go to the eduroam CAT
>>>> Administrator Interface at
>>>> 
>>>> https://cat.eduroam.org/admin/
>>>> 
>>>> and enter the invitation token
>>>> 
>>>> ...
>>>> manually. Please do not reply to this email, it is a send-only address.
>>>> 
>>>> We wish you a lot of fun with the eduroam CAT.
>>>> 
>>>> Sincerely,
>>>> 
>>>> Your friendly folks from eduroam Operations
>>>> 
>>> 
>>> --
>>> Per Mejdal Rasmussen
>>> To unsubscribe, send this message: 
>>> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>> Or use the following link: 
>>> https://lists.geant.org/sympa/sigrequest/cat-users
>> 
> 
> 
> --
> Stefan WINTER
> Ingenieur de Recherche
> Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
> de la Recherche
> 2, avenue de l'Université
> L-4365 Esch-sur-Alzette
> 
> Tel: +352 424409 1
> Fax: +352 422473
> 
> PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
> recipient's key is known to me
> 
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
> <0x8A39DC66.asc>

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail