This role is assigned to workstations (Windows, macOS, Linux) that are well-managed by Ohio State IT (Information Technology) teams and are assigned to an individual faculty, staff, or student employee. Most employee-assigned managed workstations will be assigned to this network role. Certificate authentication and authorization (via Shared Directory and Endpoint Services) is required, however temporary authorization through device registration is available for the IT Service Desk to facilitate break-fix work and re-imaging of workstations.
This role is assigned to workstations (Windows, macOS, Linux) that are well-managed by Ohio State IT (Information Technology) teams and are assigned to an individual faculty, staff, or student employee. Most employee-assigned managed workstations will be assigned to this network role. Certificate authentication and authorization (via Shared Directory and Endpoint Services) is required, however temporary authorization through device registration is available for the IT Service Desk to facilitate break-fix work and re-imaging of workstations.
Network role at a glance:
- Wi-Fi (eduroam) and wired connectivity options available
- Public IP addressing
- DHCP reservations are not supported. Dynamic DNS used instead
- All outbound traffic permitted
- Inbound traffic limited to management tools
Network Role Characteristics
Aliases for this role include
- standard workstation
- osulan-standard
- osulan-employee
Network Traffic Permissions
No outbound traffic limitations are applied to this network role.
Inbound traffic is limited to:
- IT management tools (e.g., Active Directory, Config Manager, Jump hosts, etc.)
- Remote access tools (e.g., Guacamole, RDP gateway, etc.)
How to Connect
Ohio State IT staff must configure the device to use a computer certificate to connect successfully to this network role. The device’s certificate must be issued and chained to a root that has been trusted by OTDI (Office of Technology and Digital Innovation) network authentication and authorization services. If the device is bound to Shared Directory and Endpoint Services (including Ohio State’s Jamf), that trust is already in place. Reach out to OTDI Networking for any questions regarding certificate issuance for network authentication and authorization.
Once configured, connect the device to the wired port on OTDI's Managed Network Service or choose eduroam from the list of Wi-Fi networks.
IP (Internet Protocol) Addressing
Devices placed in the standard workstation role are assigned to publicly routable IP address space. All IPv4 addresses are dynamically assigned through DHCP, and address reservations are not supported. IPv6 addresses are established through IPv6 route advertisements and neighbor discovery processes.
After receiving an IP address, the campus DHCP service will dynamically create a DNS A record for the endpoint in the DNS zone bcd.it.osu.edu. For example, an endpoint with hostname “OH12345678” would have a DNS record of OH12345678.bcd.it.osu.edu. In the event the endpoint has no configured hostname, the mac address of the device will be used instead
Additional Information for IT Teams
This network role is the most assigned role for managed workstations. CMDB configuration records in Service-Now for these standard workstations will indicate a Network Role value of “Standard”.
For situations where a device is misconfigured and needs to be reconfigured in the field, a registration process for standard workstations is available for OTDI’s IT Service Desk desktop support staff.
- Log in to MyDevices with your administrative account (name.#a)
- Choose NET-Edge-Standard for the network role when registering the MAC address of the standard workstation
Registrations made in this way are temporary and only valid for one week.