The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Vlad Mencl <vladimir.mencl AT reannz.co.nz>]

Hi Kathy,

CAT (or eduroam.org sites in general) have long supported the 
identifiers listed in the error message you received - which (after 
leaving out those specific to Google/Facebook/LinkedIn/Twitter) are:

   * eduPersonTargetedID
   * samlPairwiseID
   * samlSubjectID

Note that eduPersonPrincipalName is not on the list.  That attribute is 
not considered trustworthy enough, as some institutions use it in a way 
where usernames may be reassigned.  Even though many other institutions 
use it with usernames that are not reassigned, as the specification did 
not explicitly rule it out, the attribute is not trustworthy anymore - 
and is thus not accepted by eduroam.org.

If this worked for you before and does not now, your institution must 
have made a change, stopping to provide one of the attributes that were 
used before.

I suggest you raise it with your institution's IT department.

Hope this helps.

Best regards,
Vlad



On 30/06/23 03:01, Kathy E Wright CCIT (via cat-users Mailing List) wrote:
> Hello,
>
> Our ability to logon to the Eduroam admin portal has broken.  It has 
> worked until today.  We are getting the following error message.
>
> We are releasing eduPersonPrincipalName as the unique identifier.  
> Please advise if something has changed.
>
> Kathy E Wright
> CCIT - Clemson University
>
> To unsubscribe, send this message: 
> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
> Or use the following link: 
> https://lists.geant.org/sympa/sigrequest/cat-users

--
Vladimir Mencl
Lead Software Engineer

Research & Education
Advanced Network NZ Ltd

E  vladimir.mencl AT reannz.co.nz
www.reannz.co.nz