  |
1)Entry-User connects to SU network with an unkown Mac Address
|
|
|
|
DHCP:server checks ipaddress and
|
|
 |
1a) Redirect to Residential Computing (128.12.*residential)
|
|
|
|
(1b) Present Welcome Page -- Got SuNetId?
|
|
|
|
2 Yes SUNetID
|
|
|
|
4 User sent to Weblogin for authentication
|
|
|
|
4a succsessfull authentication...click to cont..
|
|
|
|
5 Business Logic for web for picking a hostreg template
|
|
|
|
5a Get Headers
REMOTE_ADDR
REMOTE_USER
Apache - mod_lap provides these headers
displayName
ou
suPrimaryOrganizationID
suAffilation
suSunetID
suGwAffilation
|
|
|
|
5b if (!ip_in_network(172.0.0.0/8,$remote_ip) ) {
die "Your IP $remote_ip is not on shadow net"}
get all hostreg templates names associated with users PrimaryOganizationID
get all hostreg templates names who's $REMOTE_ADDR is in the Address Space
|
|
|
|
5c Present User with --- Pick "Department"--List is built from above data (pick-dept.jsp)
|
|
|
|
5d Base on departmental choice -- read hostreg template and build request.jsp web page
|
|
|
|
6 request.jsp
|
|
|
|
Present registration form to user. . more than one form?
|
|
 |
7 Process request
|
|
|
|
a)Get Headers (again)
REMOTE_ADDR
REMOTE_USER
HTTP_USER_AGENT
Apache - mod_lap provides these headers
displayName
mail
|
|
|
|
b)get OS from browser (HTTP_USER_AGENT)
|
|
|
|
c)get MAC address from REMOTE_ADDR
|
|
|
|
Login intp DHCP and find REMOTE_ADDR
|
|
|
|
No Remote ADDR --- error
|
|
|
|
return Mac Address
|
|
|
|
d)Determine if wired/wireless
|
|
|
|
!ip_in_range(172.20.32.0--- 172.20.63.255.) ) -- node is wired
|
|
|
|
e)Unix -Register Node
|
|
|
|
i)register wired interface with
static IP, DCHP, no roaming.
ii) register wireless interface with
static IP, DCHP, roaming.
|
|
|
|
f)Mac/Windows -Reserve Node
|
|
|
|
i)reserve wired interface with
static IP, no DCHP, no roaming.
ii) reserve wireless interface with
no static IP, no DCHP, no roaming.
|
|
|
|
8 Unix Machines ... thanks for registering
|
|
|
|
display reciept.jsp
|
|
|
|
mail user
|
|
|
|
mail admin
|
|
|
|
9 )Mac/Windows click download for scrubber
|
|
|
|
3 NO sunetid
|
|
|
|
3a Wireless users sent to to Wireless Guest/Perfigo
|
|
|
|
3b Wired users -- out of luck no guest access
|
|
|
|
10 HCT (Health check tool) connects request policy-- sends ipaddress and MAC address
|
|
|
|
11) Look up the mac address in NetDB -- to get node template then package the security policy post back to HCT
|
|
|
|
12)HCT Post completion include
ip-address, all mac address
|
|
|
|
13)Activate Node
|
|
|
|
a Wired
|
|
|
|
i)single interface
static ip, dhcp, no roaming
|
|
|
|
ii) multiple interface 1 static ip, dhcp, roaming,
all others dhcp, roaming
all others static ip, dhcp, roaming
|
|
|
|
b Wireless
|
|
|
|
i)single interface
no static ip, dhcp, roaming
|
|
|
|
ii) multiple interface
wireless interface no static ip,
dhcp, roaming
all others static ip, dhcp, roaming
|
|
|
|
14) Post back to HCT upon compeletion
|
|
Last modified Tuesday, 21-Feb-2006 12:36:45 PM
internal
