Years ago we replaced our wireless network. It was… fine, I guess. As a team we worked with the vendor to rip out the existing installation and install something much more comprehensive. I was asked to take on the BYOD part.
There are always going to be some bumps in the road with any project, but you hope to work through them with the supplier, as if you’re travelling in the same direction to your goal.
I hit a roadblock.
We want to introduce shared tablets in one area. So we have a pool of devices people will use their domain logins for. In trialling this I come across a scenario that will become an issue. So I call their support.
Hi. We have these shared tablets for BYOD. We need to log off the previous user’s wireless connection to prevent user2 from logging into the device without being authenticated for connection by user1.
“Yes no problem, user1 can just log out of the network”
Yes I understand that but user2 will not be able to.
“Anyone can log off”
The device locks after inactivity. The next person to use the device needs a way to authenticate to the network without using the previous user’s network connection.
“Yes, they can log off”
But you have to log into the device to do that.
“Yes, then log off”
But then user2 is using user1’s authenticated wireless session.
“Yes you can log in to the device and disconnect from wireless, by logging off”
Which is a security risk. Users are not going to do that. Every user will log into the device and carry on with user1’s wireless session.
“And they can log off any time”
(Are you fucking kidding me?) That is unacceptable. That is terrible security practice and is not an option. We need a way to force users to use their own credentials for both the device and the network.
“Yes they can log in to the device and log off the wireless”
No you don’t understand the problem I’m describing.
“I understand completely. You want to log off user1’s wireless session. Any user can log off”
But they will be using user1’s network session to log into the device. It is not acceptable for any user to use another user’s credentials for any purpose at any time.
(Repeat that last part three or four times in your head, to save having to read it)
I’m telling you, you don’t understand the problem I’m describing.
“I understand perfectly, you simply need to log off…”
HOW? Without using user1’s wireless session to log in? There is no way from the lock screen to disconnect or reauthenticate to the wireless network? How does user2 use their credentials to login without using user1’s connected session??
“Well then user1 must log off the wireless”
And where (THE BASTARDING BASTARDING BASTARDING CUNTING FUCK) is user1, please?
“I’m sorry I don’t understand”
Yes. I said as much several times. User1 returns the device to the pool without logging off. Let’s assume they have gone home for the day and are unavailable. The next user must log into the wireless network with their own login before logging into the device.
“If user1 cannot log off wireless how can user2 connect without using user1’s wireless session?”
That is exactly what I’ve been asking you this entire call.
“…OH!”
Well we got there in the end. By which I mean he finally figured out what I was saying. It’s that long ago I don’t remember the solution or if there even was one.
With tech support as good as that, who needs saboteurs?