Here at Rice, we've got over 7,000 wireless users a day (All Cisco LWAPP's); and as of right now, only 1 entry for "com.apple." as a Client User Name. It's on our Visitor (no auth) network.
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Chuck Enfield We've had 30 clients since late November which have used an outer ID of com.apple.systemdefault at one point or another. It seems in all cases to have been an isolated instance, and none of them successfully authenticated during that session. All but one of those MACs has been on the network successfully using a different outer ID since that failed attempt. From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Lee H Badman Not quite sure what to make of this yet. If anyone is running an 802.1x secure wireless network, can you search your wireless management systems for wireless clients called either of these: com.apple.kerberos.kdc com.apple.systemdefault we have a handful of these that are authenticating as valid user names in our Cisco wireless/ACS environment. We only auth against AD, and we typically see a mix of "real" usernames in log that will somehow correlate to these, but at the same time it's weird that these funky names are showing as valid usernames both in the WLAN system and in ACS. Web searching shows that these are some kerfuffle to do with obsolete keychain certs in the Apple OS. Wild and weird- anyone been here before? -Lee Badman ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
