At Ferris State University, the network implements a system called Cisco Clean Access (CCA). This is a system designed to keep all Windows-based computers up-to-date, secure, and authorized to use the network. On the Windows-side of things, it works decently. All that is truly required is the installation of Clean Access Manager, Norton Antivirus, and setting up your Windows Update settings to point to FSU's Windows Update Server.
This is totally different if you use a Mac (or Linux, or any other OS). While there is technically a Mac client for CCA, it does not work as well as the Windows-based client. Luckily, there is still a backup plan for other operating systems: CCA will redirect you to a web-based login page, you fill in your user credentials, and bam! you're on the network. Only a few caveats:
To get around most of these issues, I came up with a script to automatically login with my iMac. Essentially, it's just a shell/bash script that is executed by launchd (you could use Cron on *NIX) every 5 minutes.
I set this up using launchd, which is Apple's recommended task scheduler. To do this, I used Lingon (now discontinued), but you can manually set it up as well:
Copy the login script into /Library/Scripts/Shell/
with the name
FSUNetworkLogin.sh
be sure to change your username and password:
#!/bin/bash
# STARTING AUTHORIZATION
logger -i -s "FSUNETWORKLOGIN: Automatically Logging into FSU Network…"
# GETTING THE ADDRESS FOR AUTHORIZATION
AUTHREDURL=`curl -s http://www.google.com | grep -o URL=.\*\\<\/head##"`
if \[ "$AUTHREDURL" != "" \]; then
logger -i -s "FSUNETWORKLOGIN: AUTHREDURL=$AUTHREDURL"
SUBDOMAIN=`echo $AUTHREDURL | sed -e 's#URL=https://##' -e 's#\.ferris.\*##' -e 's#https://##'`
logger -i -s "FSUNETWORKLOGIN: SUBDOMAIN=$SUBDOMAIN"
CM=`echo $AUTHREDURL | sed -e 's#https://##' -e 's#\[A-z0-9./\]\*?cm=##' -e 's#&uri=\[A-z0-9./%\]\*##'`
logger -i -s "FSUNETWORKLOGIN: CM=$CM"
S3=`curl -s $AUTHREDURL | grep -o 'value="-\?\[0-9\]\+" />' | sed -e 's#value="##' -e 's#" />##'`
logger -i -s "FSUNETWORKLOGIN: S3=$S3"
# GETTING AUTHORIZATION VARIABLES
# ACTUAL FORM VALUES
USERNAME="username" # CHANGE TO YOUR USERNAME
PASSWORD="password" # CHANGE TO YOUR PASSWORD
PROVIDER="Authentication Cluster"
# HIDDEN FORM VALUES
GUESTUSERNAMELABEL="Guest ID"
GUESTPASSWORDLABEL="Password"
PASSWORDLABEL="Password"
USERNAMELABEL="Computing ID"
REGISTERGUEST="NO"
COMPACT="false"
PAGEID="-1"
INDEX="7"
PM=""
SESSION=$S3
USERIP=$IP
URI="http://www.google.com/"
REQFROM="perfigo\_login.jsp"
CM=""
FULLSTRING="username=$USERNAME&password=$PASSWORD&provider=$PROVIDER&guestUserNameLabel=$GUESTUSERNAMELABEL&guestPasswordLabel=$GUESTPASSWORDLABEL&passwordLabel=$PASSWORDLABEL&userNameLabel=$USERNAMELABEL&registerGuest=$REGISTERGUEST&compact=$COMPACT&pageid=$PAGEID&index=$INDEX&pm=$PM&session=$SESSION&userip=$USERIP&cm=$CM&uri=$URI&reqFrom=$REQFROM"
logger -i -s "FSUNETWORKLOGIN: FULLSTRING=$FULLSTRING"
# SENDING AUTHORIZATION
STATUS=`curl --max-time 60 --connect-timeout 30 -A "Mozilla/4.0" -d "$FULLSTRING" https://$SUBDOMAIN.ferris.edu/auth/perfigo\_cm\_validate.jsp`
logger -i -s "FSUNETWORKLOGIN: Status=$STATUS"
else
logger -i -s "FSUNETWORKLOGIN: Could not complete; you may already be logged in or the internet connection is not available."
fi
# Maybe this will fix the weird launchd things sleep 10 exit 0
Create a new file in /Library/LaunchDaemons/
called
edu.ferris.network.automaticlogin.plist
, and paste this into it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>Label</key>
<string>edu.ferris.network.automaticlogin</string>
<key>ProgramArguments</key>
<array>
<string>/Library/Scripts/Shell/FSUNetworkLogin.sh</string>
</array>
<key>StartInterval</key>
<integer>300</integer>
</dict>
</plist>
Open a terminal and make sure that permission are correct:
cd /Library/Scripts/Shell/ sudo chmod 755 FSUNetworkLogin.sh
Either logout and log back in, or open terminal and issue this command:
launchctl load ~/Library/LaunchAgents launchctl list
Done! This should log you in every 5 minutes. On occasion, you may experience the login screen, but for the most part you should hardly ever see it.
For me, this has worked out great. My home setup is pretty elaborate (for just a college residence):
So all I have to do is use my iMac to run the script every 5 minutes and all other devices on my network can use the Internet without having to login. Another awesome benefit is that I know my iMac will be connected and authenticated to the network, so I can access it from anywhere on campus (i.e. file server).
I hope this can help at least someone out. Good luck! Any suggestions or questions, leave a comment.