Personally, I'm a big fan of leveraging certificates for wireless 
authentication.  It completely decouples the username and password once you're 
past the provisioning process, but you can still tie your RADIUS server into AD 
to reject people with locked out accounts if you want.  Machines on a domain 
can leverage ADCS, but for BYOD devices you'll need to stand up an onboarding 
system, like SecureW2 or Clearpass.

For setup, we have an open SSID that's dual purposed with guest logins, but 
also allows access to our onboarding system.  This allows users to do it 
completely self service.

Frank Sweetser
Director of Network Operations
Worcester Polytechnic Institute
"For every problem, there is a solution that is simple, elegant, and wrong." - 
HL Mencken
________________________________
From: The EDUCAUSE Wireless Issues Community Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Kovich Greg 
<greg.kov...@al-enterprise.com>
Sent: Wednesday, November 6, 2019 8:41 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>
Subject: [EXT] [WIRELESS-LAN] Password reset/change guidance

Hello WLAN Community,

A customer of ours has been using a captive portal to authenticate students to 
WiFi (Alcatel-Lucent branded Aruba gear).
When a student forgets or does not reset their password there is a link on the 
CP to accomplish that… unfortunately, there have been problems with the variety 
of  student device browsers, so they are considering a move to 802.1X 
authentication in the hope that this smooths out the student experience.

What best practice advice do you have for students to deal with password 
changes/resets when they can’t connect to the campus WiFi?

Thank you for any guidance you can provide!!
Sincerely,
Greg

-------

Greg Kovich
Director, North America Education Sales
Alcatel-Lucent Enterprise
ALE USA
3015 Abby Lane | Suite 301-B
Schererville, IN 46375
t:  +1-818-878-4667<tel:+1-818-878-4667>     m:  
+1-219-276-2320<tel:+1-219-276-2320>
e:  greg.kov...@al-enterprise.com<mailto:greg.kov...@al-enterprise.com>    w:  
www.al-enterprise.com<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.al-enterprise.com%2Fen&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941454521&sdata=YjEk1reDcRF%2BO10mayOUAtPdg2RSRO6uXzfoKqUOFF4%3D&reserved=0>
@ALUEnterprise
[LinkedIn]<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Falcatellucententerprise&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941464515&sdata=tYaHJTdfbwSXhJLi2NSTx40DJ9Ifb0qSNJ2mrWSMF%2Fk%3D&reserved=0>
     [Twitter] 
<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Faluenterprise&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941464515&sdata=oQ5rqerUHwLVnHO39ur1IPZE3lYCJLKVC1RTyQ6uZak%3D&reserved=0>
        [YouTube] 
<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fuser%2FEnterpriseALU&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941474507&sdata=fW%2By5vokedvuqLC3%2BPfw3NHr4d4bzI3p21wqt%2BDuumY%3D&reserved=0>
       [Facebook] 
<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FALUEnterprise&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941474507&sdata=0%2FBr3kES1x6Dk2tZzyfbPMXwpSjVBdJMAzQRPFxxG0M%3D&reserved=0>
        [Rainbow] 
<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fweb.openrainbow.com%2Fapp%2F1.31.7%2Findex.html%23%2Flogin&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941484505&sdata=oi63cJai15dS%2F7KjbeuOxLw%2FaWEtRXD3Rpcx1L2e8XA%3D&reserved=0>
[https://www.al-enterprise.com/en/-/media/assets/internet/images/logo.png]<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.al-enterprise.com%2Fen&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941484505&sdata=rvO3hu1VaUOP64o7n01%2BDYhLaJveQ5Z12FiO197m4ng%3D&reserved=0>
The Alcatel-Lucent name and logo are trademarks of Nokia used under license by 
ALE.
This communication is intended to be received only by the individual or entity 
to whom or to which it is addressed and may contain information that is 
privileged/confidential or subject to copyright. Any unauthorized use, copying, 
review or disclosure of this communication is strictly prohibited. If you have 
received this communication in error, please delete this message from your 
e-mail box and information system (including all files and documents attached) 
and notify the sender by reply email.




**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educause.edu%2Fcommunity&data=02%7C01%7Cfs%40WPI.EDU%7C8910f04de80845c455f408d762c06e2b%7C589c76f5ca1541f9884b55ec15a0672a%7C0%7C0%7C637086450941484505&sdata=8D2rONQYxQko1KlyUYabe%2F3N%2FkdpCk4AY%2BiXrI%2FqZ2Q%3D&reserved=0>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Reply via email to