I did not know about the .mobileconfig expiration date/time, that is something I'll look into.
The other solutions are also good ideas. I think a captive portal might have to be the solution for now. Thanks to everyone. I think a feature request with Apple is in order. Either 'forget network credentials on sleep' (with a 5+ minute sleep timer) or 'forget network credentials after x minutes.' -Luke On Oct 2, 2012, at 2:37 PM, James JJ Hooper <[email protected]> wrote: >> -----Original Message----- >> From: The EDUCAUSE Wireless Issues Constituent Group Listserv >> [mailto:[email protected]] On Behalf Of Luke >> Jenkins >> Sent: 02 October 2012 16:47 >> To: [email protected] >> Subject: [WIRELESS-LAN] iPads, Labs/classroom use, 802.1x - Take >> Two >> >> This question was asked 18 months ago by William from UTA, but >> without much in the way of an answer. The replies immediately went >> down a cloudpath rabbit hole, never to be seen again. >> >> Here is what William asked, and exactly the situation my team was >> put in today: >> >> "Does anyone have experience managing iPads for classrooms (where >> an iPad is given to each user and returned at the end of the >> course, only for the next class to pick them up)? I'm interested >> in how to manage credentials in an 802.1x environment (to ensure >> actions on the network are attributable to the user at that time). >> If someone has resolved this, I'd like to speak with them, we have >> instructors working on proposals." > > Hi Luke, > A theoretical solution, off the cuff: > > * Premise: > 1) iOS 6 .mobileconfig support an expiration date/time. > > 2) You have an open 'walled-garden' or 'captive portal' SSID that hosts your > 802.1x set-up instructions or some such. > > * Method: > 1) User goes to "open-SSID" (or maybe "open-SSID" is in a non-user-removable > .mobileconfig pre-installed). > 2) User "logs in" to webSite (this enables capture and verification of their > credentials). > 3) webSite dynamically generates .mobileconfig with: > * user credentials included > * expiration time in: one hour / next standard lesson end time / user's > specific lesson end time from your DB > ...and sends this to iPad. > 4) User has to select "802.1x-SSID", and does their course things. > 5) .mobileconfig expires, iPad is "safe" ...but does profile expiration > disconnect the user? (if not could be done out of band via cronjob/scheduled > task to wireless system? ...or just encouraging the user to press the sleep > button on the iPad when done). > > > Kind regards, > James > > -- > James J J Hooper > Senior Network Specialist, University of Bristol > http://wireless.bristol.ac.uk > -- > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
