Restrict user to 1 connection in Zero-IT Activation

  • 1
  • Question
  • Updated 12 months ago
I'm OK with the Zero-IT set up. What I would like to know is, is it possible to restrict a user who authenticates via AD to only 1 or 2 device activations? Thanks
Photo of Nathan Kaa

Nathan Kaa

  • 7 Posts
  • 0 Reply Likes

Posted 12 months ago

  • 1
Photo of István Németh

István Németh

  • 16 Posts
  • 5 Reply Likes
Shortly? unfortunately no.however if you enforce the use of DPSK this can be possible, due to if you set max nr of devices to 2 the user will not be able to generate on third device even if he authenticate itself successfully. But again, natively only with zero-it it is not possible.
Photo of Nathan Kaa

Nathan Kaa

  • 7 Posts
  • 0 Reply Likes
Thanks for the reply :) If I used Zero-IT with DPSK where do you set number of Max devices? Also do you have to generate a batch of codes, manually set up the usernames and hand them out, or does it recognise that a username has been used twice via Zero-IT and will not assign any more DPSK codes?
Photo of István Németh

István Németh

  • 16 Posts
  • 5 Reply Likes
You've been open this thread under ZD, so I assume you've an one ... Currently I don't have ZD in front of my eyes, but it definiately can be set under WLAN settings and there you can set max nr of PSK / user.
You already mentioned about AD authentication, why you need usernames and handouts??? I don't get this, you can use DPSK generation dynamically with AD (or any) authentication services.
The authentication itself will be succesfull, however the system will not generate DPSK, therefore the user will not be able to join.

please find recommendation by the Vendor for this topic:
• Every device on the WLAN has its own unique Dynamic PSK (DPSK) that is valid
for that device only.
• Each DPSK is bound to the MAC address of an authorized device - even if that
PSK is shared with another user, it will not work for any other machine.
• Since each device has its own DPSK, you can also associate a user (or device)
name with each key for easy reference.
• Each DPSK may also have an expiration date - after that date, the key is no
longer valid and will not work.
• DPSKs can be created and removed without impacting any other device on the
WLAN
• Limit DPSK: By default each authenticated user can generate multiple DPSKs.
Select this option to limit the number of DPSKs each user can generate (1-4).