cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
Re: [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?
Chronological Thread
- From: Vlad Mencl <vladimir.mencl AT reannz.co.nz>
- To: Giuseppe Mainardi <giuseppe.mainardi AT unifg.it>, cat-users AT lists.geant.org
- Subject: Re: [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?
- Date: Tue, 24 Oct 2023 10:01:53 +1300
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=reannz.co.nz; dmarc=pass action=none header.from=reannz.co.nz; dkim=pass header.d=reannz.co.nz; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vYScrGRUfiuVa9Vp5bx85cc17tuf0OWYmc67nN3TEqU=; b=I1/bzF8NAQJ+9LeuIxKA5+y5/nlRaJPV0CMlYM5ssW9+psHKqH8bIP/8VJZwmrGEAfyzM0IDoz9PaI+g7lbmXHGu2RwGcHvuGjb2rRYOHtNDWUMcm3re3NEfsXuFXOx2IhQX/zsxe3YjB3rz4c6Hh0IJ2ymzG+dkyBt6FPUgiwG05BTGVgNN3TbXoSOi9/PftemPiiyz6+fPEUvxJ694vu4FGaNBGky1EBLfYT0ClOMjV1F8q99edi61z4XlcKfI8NzpSDvPUP1njiVDEuWNOi//aMECev1e6/DbiUJJrW61nrbWNKHOftloAqbGiYXhkrJKlfa8qzDH9itlIa3UQA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VwqmhtdA46WHuHDcEverEHUCuF+yYFg50A40W5d2dewV9VuuCgI6ibfdHxSwIxcNO8TqYTocjmNFNSSDmn1TXEYiJ/gMaSLeNXKA7WesdQFmXkEOul0ZioB4PineVnjTkVKYR66nWDbw96ZG/g8Wl5bJPLYYpJrKEyXgAszbt2E5unuJpFbEW7LnoW8PFpMMVT7FsFmJbCaH5uCt95pErxv23VnBivhvxm+JdpG3uJnSVd7LB+KL0GuHOKSmTasL80XbqcVNGFWiE90u6NUhDI02e23Ec0uu04VpwmTg5nQph4QvsHxBzj9Nnspkbp3rVss4NBJ+bigjiqmnqDECOw==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=reannz.co.nz;
Hi Giuseppe,
Try dropping the "CN=" part from the value you enter for the CN - this field asks just for the value and the "CN=" syntax bit should not be included.
Cheers,
Vlad
On 21/10/23 00:17, Giuseppe Mainardi (via cat-users Mailing List) wrote:
Greetings to all,
I'm trying CAT for the first times and I see an unexpected behaviour.
When I build CAT I set Name (CN) of Authentication Server = CN=freeradius,DC=unifg,DC=it
because that is the radius server to use for that profile (Eduroam-AD). We have two profiles, but only this one is production-published.
When I load the eap-config file into getEduroam, the field "realm" gets the value "CN=freeradius,DC=unifg,DC=it" and the authentication doesn't work.
If I change the value, typing "unifg.it", as it is supposed to be, the authentication works.
Looking into the config file, the only place where that value is mentioned is: <ServerID>CN=freeradius,DC=unifg,DC=it</ServerID>
Where is the realm mentioned in the config file? Nowhere, unless... <InnerIdentitySuffix>unifg.it</InnerIdentitySuffix> but that setting is related to "Enforce realm suffix in username".
Is it my fault that I didn't understand what is "Name (CN) of Authentication Server" purpose?
Is there a more detailed documentation in order to better understand what values to set up for a fully functioning CAT config?
Trials made on Android 13 last update.
Second request:
is eduroamCAT fully compatible with Android 5.0.1? The first tests with that O.S. are negative. It is impossible to choose the SSID to connect with, the only SSID given by eduroamCAT is "eduroam" which is not the one we have to use in this test phase.
Thanks in advance.
--
Giuseppe Mainardi
Università di Foggia
Area Sistemi Informativi
Servizio Amministrazione di sistemi informativi, accounting e single-sign-on
(Resp.)
Via Gramsci, 89/91 - 71122 Foggia
Tel.: 0881/338440
To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users
--
Vladimir Mencl
Lead Software Engineer
Research & Education
Advanced Network NZ Ltd
E vladimir.mencl AT reannz.co.nz
www.reannz.co.nz
- [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?, Giuseppe Mainardi, 10/20/2023
- Re: [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?, Martin Stanislav, 10/22/2023
- Re: [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?, Vlad Mencl, 10/23/2023
- [[cat-users]] [cat] [android] why does the "realm" field gets the "Name (CN) of Authentication Server"?, Giuseppe Mainardi, 10/24/2023
Archive powered by MHonArc 2.6.24.