21 pages

Français

DECS Mac Wireless Helper Document

ofesotan - Viano Jaksa

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

21 pages

Français

Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres

A propos
Informations
Extrait

Description

DECS Mac Wireless Helper Document

Informations

Publié par	ofesotan
Nombre de lectures	42
Langue	Français
Poids de l'ouvrage	6 Mo

Extrait

DECS DER APPLE WIRELESS HELPER DOCUMENT A GUIDE TO THE DEPLOYMENT OF APPLE MAC NOTEBOOK COMPUTERS IN DECS WIRELESS NETWORKS

 Chris Downing, Senior Systems Engineer  Viano Jaksa, Area Manager Next Byte (Education, Corporate & Government) – June 2010

N e x t B y t e ( E d u c a t i o n , C o r p o r a t e & G o v e r n m e n t ) • t e l e p h o n e : 8 3 3 8 7 3 8 5 • f a x : 8 3 3 8 7 3 4 4 • e d u c a t i o n . s a @ n e x t b y t e . c o m . a u

Introduction

How to use this document This document is intended to provide school IT administrators, support staff, teachers and IT consultants with information and assistance that will enable them to ensure that their Apple MacBook computers will be able to authenticate to the new DECS wireless networks that are being implemented in conjunction with the Digital Education Revolution (DER) project in SA schools. These networks conform to the 802.11n standard and are RADIUS-authenticated by a server that has been commissioned and set up for schools as part of this project. In this type of wireless network, each user has their own unique username and password, instead of using a shared password. This type of authentication gives two beneﬁts: the highest class of security available, and the ability to use a single sign-on for network users. These instructions are accompanied by screenshots at each step of the process, in order to facilitate ease of use and understanding. Types of laptop implementation This document outlines instructions that relate to the two most common forms of laptop deployment in schools. The ﬁrst kind can be described as a 1:1 Laptop Deployment. In this scenario, users are local users of their own computers, perhaps with administrative privileges. Their home folders reside on the local machine and not on the network (see page 2 for Step-by-Step Instructions). The second kind of laptop deployment is one where laptops are shared among users. Typically, these laptops might be in trolleys or in a central resource or storage centre and users are loaned or provided with the laptops for a deﬁned period of time. In this type of deployment, the user’s home folder resides on the network and not on the local machine (see page 5 for Step-by-Step Instructions). Additional resources For those who are unfamiliar with the Mac OS, or have little experience with Apple Mac computers, the following resources may help in providing a background understanding to the Apple-speciﬁc terms and references that are used in this document. http://www.apple.com/au/ﬁndouthow/mac/ Alternatively, Appendix 1 (see page 13) contains a glossary of introductory Apple Mac OS X terms and operations that may be a useful reference.

If you are unable to fully understand the instructions in this document and cannot resolve the issues you are having, please make contact with your school’s Apple supplier, who will be able to assist you. 1

Con ﬁ guring for Local Users (typically in a 1:1 Laptop Deployment Scenario) This section deals with instructions that will enable you to set-up Apple MacBook computers that are part of a 1:1 deployment where each user is a local user of their own laptop computer and home folders and home directories reside on the local machine and not on a network share. This section of the helper document makes the following assumptions: 1. that you are able to login to a MacBook as a local user that has administrative privileges 2. that no third-party network tools have been installed on the laptop 3. that the new wireless network, RADIUS server and certiﬁcate services have been set up and conﬁgured correctly 4. that the test user that has been created can successfully login to the network from an existing cabled desktop computer. The initial step in the successful implementation of the Apple MacBook computers in a RADIUS authenticated wireless network, is to have your deployment vendor create a test user in active directory for you. This will enable you to test and validate the RADIUS authentication of your wireless network. Step-by-Step Instructions 1. Login using your normal username and password

Switch on Airport, if it’s not already on, by clicking on the Airport icon in the menu bar and selecting Turn Airport On

Join the wireless network by clicking on the Airport icon in the menu bar and selecting the wireless network shown as School_Secure_Wireless in this example

4. 5. 6.

7. 8.

10.

11. 12.

The wireless network should challenge you for a username and password Login using the test username and password created for you (select Remember this network ) Click OK

Click the Show Certiﬁcate button

Click Continue

this example) Click OK

ted with a Verify Certiﬁcate window

local username and password (shown as My Local Account in

13.

14.

15.

16.

Select the airport icon in the menu bar and choose Open Network Preferences...

Ensure that the Airport has an IP address

Ensure that 802.1x is authenticated and is showing a connect timer

Congratulations !!!

Con ﬁ guring for Network Users (in a managed environment) This section deals with instructions that will enable you to set-up Apple MacBook computers that are part of a shared laptop deployment, where users share laptops that might be in trolleys or be part of other loan arrangements. In this type of deployment, users may login to different laptops and each laptop may accommodate a number of different users. Each user in this type of deployment logs in to a network directory and therefore the user’s home folders and home directories reside on your school’s server and not on the local machine. This section of the helper document makes the following assumptions: 1. that you are able to login to a MacBook as the local administrator 2. that you are able to login to Active Directory as a domain administrator 3. that the MacBook used for testing is running an unaltered installation of 10.6.1 (or later), as a fresh, or out-of-the-box machine 4. that the new wireless network, RADIUS server and certiﬁcate services have been set up and conﬁgured correctly 5. that a test user that has been created in Active Directory and can successfully login to the network from an existing cabled desktop computer. The initial step in the successful implementation of the Apple MacBook computers in a RADIUS authenticated wireless network, is to have your deployment vendor create a test user in active directory for you. This will enable you to test and validate the RADIUS authentication of your wireless network. Step-by-Step Instructions 1. Login using the local administrator username and password

2. Switch on Airport, if it’s not already on, by clicking on the Airport icon in the menu bar and selecting Turn Airport On

3. o n t e w re ess networ y c c ng on t e rport icon in the menu bar and selecting the wireless network shown as School_Secure_Wireless in this example

4. 5. 6.

7. 8.

9. 10.

11. 12.

The wireless network should challenge you for a username and password Login using the test username and password created for you (note: select Remember this network ) Click OK

Click the Show Certiﬁcate button

Click Continue

example) Click OK

nted with a Verify Certiﬁcate window

d password (shown as Local Administrator in this

13.

14. 15. 16.

17. 18.

Select the Airport icon in the menu bar and choose Open Network Preferences...

Ensure that the Airport has an IP address Ensure that 802.1x is authenticated and is showing a connect timer select Advanced in the bottom right of the window

n t e resu t ng w n ow, c ec t at your new w re ess network is now in the list of preferred networks Select the 802.1X tab

19. 20.

21.

22.

23.

Note the User Proﬁle (on the left hand side of the window) for your new wireless network click the “ +” button in the bottom left of the proﬁles list

From the popup menu, select Add Login Window Proﬁle

Rename the Login Window proﬁle to temp

Select and drag the user proﬁle for your new wireless network and drop it on Login Window Proﬁles as shown

24. 25. 26.

27.

28.

Select and remove temp from the Login Window Proﬁles list (using the “ -” button) Remove the username and password Click the Conﬁgure Trust... button

In the resulting window, click “ + ” and choose Select Certiﬁcate From Keychain

In the resulting window, select the certiﬁcate from your RADIUS server and click OK ( shown as Server.domain in this example)

Univers
Ebooks
Livres audio
Presse
Podcasts
BD
Documents

DECS Mac Wireless Helper Document

YouScribe

Le catalogue

Le service

Les conditions