Chris,
Thanks for the feedback. What is your expiration time on our RADIUS Server
certificate?
-Neil
--
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
E-Mail: neil-john...@uiowa.edu
> On Nov 2, 2016, at 10:53 AM, Chris Hart
We crossed this bridge already but the quantity of door locks was a lot lower.
We issued 5 yr certs to the locks and told the dept. that they (or their
vendor) need to update/patch firmware on devices at least that often so they
can update the cert at the same time. Our server cert will
We have a PSK network for devices that don't support advanced EAP methods. But
students are our biggest users abroad of eduroam, and we don't push onboarding
of their devices on PSK. In fact, we make it more difficult. They must
register their devices in advance in order to get DHCP and we
Jeff,
I think that actually advanced EAP methods have turned the corner.
Manufacturers are making onboarding easier. I think you are under the
impression that configuring a device for certificates is a big process. It
takes most people less than 5 minutes, and they do this once a year.
Way back in the dark ages of Server 2003, Microsoft changed NTLM behavior.
It would not surprise me if they changed something again.
Any ways, take a look at this:
https://support.microsoft.com/en-us/kb/906305
Figure out if has any effect on the behavior.
Mike
On Tue, Nov 1, 2016 at 1:25 PM,
Our housing department is pushing pretty hard to replace keyed locks on dorm
room doors with Wi-Fi connected proximity card locks (a pilot this summer and
then eventually rolling out to ~3,000 rooms).
The locks would be “offline” locks that cache valid cards locally and only
connect to the