All, I recently did a presentation to the business school at University of Tennessee. UT uses eduroam as the only secure SSID. They all knew about eduroam. And when I asked the audience of 60 or so students how many knew that it works seamlessly around the world, only 3 students raised their hands! Professors knew about it but not students. In your outreach campaign/material please make sure to emphasize the roaming aspect. It is seems to be easily forgotten over time.
Thanks, Philippe Philippe Hanset www.anyroam.net www.eduroam.us > On Apr 24, 2017, at 12:11 PM, Trinklein, Jason R <[email protected]> wrote: > > We are in the process of migrating to eduroam as our primary SSID also. We > introduced eduroam to our campus in August 2016. Our original college-branded > secure wireless network was already 802.1x, so we don’t need to worry about > supporting legacy devices by holding back a legacy SSID. We did some > advertising in multiple school publications when eduroam was first turned on, > but we still only saw 1-2% of our users on eduroam. > > We are migrating from our college-branded SSID to eduroam for a few reasons: > - The two networks are functionally identical since we are using dynamic VLAN > assignment > - We can clean up wireless SSID broadcast packets by reducing the SSID count > - Migration to a single eduroam SSID seems to be the trend in higher education > - Ensures that the college community is in a position to take advantage of > eduroam, since without its wide adoption in this manner, few people would > know it was there. > > We have a 9 step approach for migrating to eduroam: > 1. Notify IT personnel and helpdesk about the change > 2. Update onboarding tools to onboard to eduroam instead of > college-branded SSID > 3. Creation of eduroam informational website, videos, and tutorials > 4. Campus-wide poster advertisement campaign > 5. Campus-wide email advertisement campaign > 6. Captive portal on college-branded SSID notifying users of upcoming > change > 7. Stop broadcast of college-branded SSID > 8. Captive portal on college-branded SSID with no internet access, > notifying users they must switch to eduroam > 9. Disable the college-branded SSID > > We expect to reach step 9 by December-January, so it’s a 10 month > transitional plan. Hopefully it introduces the least amount of confusion and > interruption to wireless service and experience. > > Our current challenges are supporting Active-Directory member computers on > eduroam, since the domain username doesn’t comply with eduroam username > formatting requirements (with the appended @domain.edu). First, the > FreeRADIUS server dumps any authentications without @domain.edu, and domain > systems’ machine accounts authenticate with a host/systemname format. I > introduced conditionals in the FreeRADIUS configuration to allow > authentication if the username begins with host/. This allows uncached user > logins from Windows by allowing the machine to associate with eduroam, > pre-login. Presently, we’re working on getting Mac domain-joined systems to > work correctly, since they try to join the wireless network with the same > username of the person who logged in, which often lacks the @domain.edu > appendage. We are investigating script options to programmatically remediate > the issue instead of relying on workforce re-education on login procedure. > > -- > Jason Trinklein > Wireless Engineering Manager > College of Charleston > 81 St. Philip Street | Office 311D | Charleston, SC 29403 > [email protected] | (843) 300–8009 > > From: The EDUCAUSE Wireless Issues Constituent Group Listserv > <[email protected]> on behalf of Marcelo Maraboli > <[email protected]> > Organization: UC > Reply-To: The EDUCAUSE Wireless Issues Constituent Group Listserv > <[email protected]> > Date: Thursday, April 20, 2017 at 5:16 PM > To: "[email protected]" <[email protected]> > Subject: [WIRELESS-LAN] Eduroam adoption (and migration process) > > Hello everyone. > > We are finally adopting EduROAM in our University and we currently have one > SSID with MAC-based authentication, so moving to EduROAM is also a 802.1x > upgrade > for us as well. > > Would you be so kind to respond a couple of questions?: > > > If you adopted EduROAM as your primary SSID: > - Did you leave an SSID for legacy devices ? (What AUTH mechanism for this > SSID?) > - How did you "force-move" your users to EdoROAM from your old SSID ? > > If you added EduROAM as just another SSID: > - why not adopt EduROAM as your primary SSID ? (Branding or no interest? ) > - Is your primary SSID also 802.1x o MAC-based ? > - if 802.1x, why have 2 SSIDs with 802.1x ? > > > thank you all, > > -- > Marcelo Maraboli Rosselott > Subdirector de Redes y Seguridad > Dirección de Informática > Pontificia Universidad Católica de Chile > http://informatica.uc.cl/ > -- > Campus San Joaquín, Av. Vicuña Mackenna 4860, Macul > Santiago, Chile > Teléfono: (56) 22354 1341 > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/discuss. > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/discuss. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.
