We have one issue with eduroam and AD authentication. We authenticate eduroam users to Active Directory using PEAP-mschap-v2. The issue relies at our AD domain name which is a sub domain called cfs.uoguelph.ca. If users try to login with username [email protected], the authentication will fail as the domain name does not match. We had to strip the "@uoguelph.ca" suffix on our ACS 4.2 to make it work but the same suffix stripping functionality does not exist in ACS 5.x so we have to find other alternatives. I would to know if it is a common issue in universities that the AD domain does not match the main domain? If you have the same issue, what are your solutions? Thanks.
--- Dennis Xu, MASc, CCIE #13056 Analyst 3, Network Infrastructure Computing and Communications Services(CCS) University of Guelph 519-824-4120 Ext 56217 [email protected] www.uoguelph.ca/ccs ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
