menu

Frequently Asked Question (FAQ)


Categories


Account

Account

I forgot my password.

Please come to RCACI desk (Room I-24) with your student ID.

* If you have already set up a password reset email address, you can reset your password yourself. Please see here for details.
* JAIST-SSO authentication failure can also be due to something other than a password. See the FAQ "'AUTHENTICATION FAILED' is displayed.".

I am XXXXXXX (Employee type). Which IT services of JAIST (Microsoft Office, MPC Server, etc.) can I use?

There are various types of employees at JAIST, and the IT services available vary depending on your employee type.

For example, for Microsoft o365, check this page. 

https://www.jaist.ac.jp/iscenter/en/software/microsoft/

And, You can check the IT services currently granted to you by self-maitenance screen.

Please login to the self-maintenance screen from the following page and check the available services (jaistAllowedService).

https://www.jaist.ac.jp/iscenter/en/useraccount/modifyattr/

 

 

How to check passwords saved in your Web browser

Please see the following pages for each browser.

 

JAIST-SSO

JAIST-SSO

"AUTHENTICATION FAILED" is displayed.

The cause of the "AUTHENTICATION FAILED" message varies depending on the usage environment. Please refer to the following page.
When login fails in JAIST-SSO

The message "Unknown Error. Please contact Administrator" is displayed.

    Please try the following:

    (If you have this problem with a device and procedures that have been working fine until now, please try "3. Disable security software".)

     

    1. Try authentication in an environment where past authentication information has been deleted
      Please try JAIST-SSO authentication using private window mode or a web browser different from the one you normally use (e.g. Chrome or Firefox if you normally use Edge).

    2. Try authentication on another device
      If you have a different device than the one causing the problem (e.g., a smartphone if the problem occurs on a PC), please try authentication on that device.

    3. Disable security software and try authentication
      We have confirmed cases where "Unknown Error" occurs due to security software. Please disable your security software and try authentication.
      Alternatively, please set the "443/tcp (HTTPS)" communication of "auth.jaist.ac.jp" as an exclusion list (e.g. white list, not subject to inspection, etc.) and try authentication.

    4. Try accessing each service from the links on this web page.

    5. If you are using a non-JAIST SSL-VPN, disconnect and try accessing
    After entering the OTP, "INVALID OTP CODE" will be displayed.

    "INVALID OTP CODE" is displayed when the One Time Password (OTP) you entered is not correct. The following are possible causes

    • You have entered an expired OTP.

    One-time passwords are valid for a certain amount of time (a few tens of seconds). Try entering an OTP that has just been issued.

    • The time setting of the device is not correct.

    OTPs are generated based on time. If the date and time settings of the device generating the OTP are not correct, the OTP generated by that device cannot be used. The time zone must be set to Japan time when you are in Japan.

    If you have your digital certificate, you can import it into your browser and present it to log in without being asked to enter the OTP.

     

    [If you have a postcard with your Secret key]

    Please register another device as an OTP-generating device (Click here to see how to register). OTP will generate the same value on any device/app when the secret key and time are the same. Compare the values of the two devices, and if different OTPs are generated, it is possible that the time setting or the private key is wrong.

     

    In WinAuth (Windows OTP generation application), you can check the Secret Key by following the steps below.

    1. Start WinAuth, place the cursor on the OTP code and right click.
    2. Click "Show Secret Key...".
    3. When prompted for a password, enter your WinAuth password
    4. Compare the displayed Secret Key with the Secret Key written on the postcard.
      If the strings are different, the OTP has not been registered correctly and you need to register again.
    Unable to access services from bookmarks

    Please try to access from the URL written on this website.

    The URLs of various services (WebMail, online storage, SSL-VPN, etc.) are subject to change due to system updates. For the various services that require authentication by JAIST-SSO, the JAIST-SSO screen will be displayed after accessing each page, but you should not bookmark this page. If you want to bookmark this services, please register the URL used in the this website (you can check it by right-clicking the link and clicking [Copy Link]).

    The message "You are not authorized to use this service" is displayed.

    You are not authorized to use the service you are accessing.
    Please see the page of each service and check if you are included in the target group.
    You can check the usage rights for each service on the "Available Service" of Self-Maintenance page.

    If you are the target person but do not have the right to use the service, please contact us.

    I bought a new smartphone. How do I get a one-time password?

    When you renew your PC/smartphone used as an OTP device, please transfer the OTP to a new PC/smartphone.

     

    • If you have the "Secret Key for TOTP (Time-based One-time Password)" postcard

    If you have a "Secret Key for TOTP (Time-based one-time Password)" postcard and have not deleted the setting, please refer to the following page to set up OTP.
    How to set up One-Time Password (OTP) using postcard

    • If you have an old device

    If you have an old PC/smart phone that has been used as an OTP generation device, please refer to the following page.
    Exporting One Time Passwords (OTP)

    • If you don't have the postcard or the old device

    Please delete and re-register your current OTP on the campus network.
    Deregister authentication factor
    One Time Password authentication device registration procedure

    Can I have multiple terminals to generate one-time passwords?

    Yes, you can.

    OTPs are generated using a private key and time.
    The same OTP can be generated at the same time on multiple terminals if the same private key is used to set it up.

     

    If you have a "Secret Key for TOTP (Time-based one-time Password)" postcard and have not deleted the setting, please refer to the following page to set up OTP.
    How to set up One-Time Password (OTP) using postcard

     

    If you have an OTP-generating terminal, please refer to the following page to export the QR code or secret key string and set it on another device.
    Exporting One Time Passwords (OTP)

    I lost my OTP postcard. Can I have it reissued?

    You cannot receive the "Secret Key for TOTP (Time-based One-time Password)" postcard again.

    If the postcard is lost without setting the OTP, or if the device to which the OTP is registered fails after the postcard is discarded, follow the steps below to reconfigure the OTP.
    * If you do not have a valid client certificate or FIDO2 settings, you will need to come to JAIST campus to reconfigure.

    1. Deregister authentication factor
    2. One Time Password authentication device registration procedure

    Network

    Network

    I cannot connect to JAIST Wi-Fi

    If you don't know How to connect to JAIST Wi-Fi.

    Please read this page "How to connect to JAIST Wi-Fi".

    If you cannot connect to Wi-Fi after configuring the settings.

    Make sure that the certificate has been imported.
    Please accsess UPKI_Manual (Windows / macOS) to see the "Checking the Certificate (PKCS#12 file)" section.

    If you can connect before but suddenly cannot connect to JAIST Wi-Fi.

    Please make sure that the imported certificate is valid.

    If you cannot connect after renewing the certificate.

    After renewing the certificate, please refer to the following page to modify your Wi-Fi settings.
    How to Replace Digital Certificates for Wi-Fi

    Guests from other universities want to use the network.

    Preparation is required for off-campus users to use the JAIST network.

    ・eduroam

    eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Members of eduroam participating institutions can use "SSID:eduroam" at JAIST by setting up eduroam usage at their own institutions in advance.
    eduroam JP Participants
    Map of eduroam participating countries and regions

     

    ・eduroam-ID for visitors

    Faculty and staff can issue "Visitor's eduroam-ID" to guests, and guests can use the Wi-Fi.
    This service is available without application to RCACI and is recommended for urgent guests or a few guests.
    * You must issue one eduroam-ID for visitor per one guest.
    eduroam-ID for visitors

     

    Also, guests staying at the JAIST International Seminar House will receive a Wi-Fi account that can be used on campus at JAIST only during the period of their stay.

     

    Note that these networks are for off-campus users, and access to campus-only systems is restricted.

    I would like my own static IP address in the student dormitory.

    In the student dormitory, IP addresses cannot be allocated in a static manner.

    I would like to obtain 5 or 10 IP addresses in the student dormitory

    As far as concerned, there is no restriction to this kind of usage. However, if everyone starts doing the same thing, the student dormitory connection will collapse as a whole. Since all rooms share a common IP address, please try to use it moderately. In cases where excessive use is noticeable (as judged by the Research Center for Advanced Computing Infrastructure), we will suspend or limit the connection.

    How do I find my Mac address?

    Windows XP/vista/7

    1.
     [Start] → [Programs] → [Accessories] → [Command Prompt]
    Please enter "getmac /v /fo list". The "Physical address" is the MAC address.

    Image here
     

    2.# Those who have LAN network connection#
    "Physical address" is the MAC address of the wired LAN which is several lines under the "Local Area Connection" section

    # Those who have a wireless network connection #
    "Physical address" is the MAC address of the wireless LAN which is several rows under the "Wireless network connection" section

     

    Macintosh(OSX) System Preferences Search

    1.Select [System Configuration] → [Network].

    2. # Mac OS X 10.5 or later #
    Select Ethernet (for wired LAN) or AirMAc(for wireless LAN) and go to "Detail" at the bottom right.
    The contents of [Ethernet ID] or [MAC address] displayed when right clicking on Ethernet is the Mac Address.

    # Mac OSX 10.3 - 10.4 people #

    Change the [Display] menu to built-in Ethernet (for wired LAN) or AirMac(for wireless LAN).
    The Mac Address is the content of [Ethernet ID] displayed when clicking on Ethernet which is at the rightmost .

    # Mac Ox 10.2 Who #
    Change the [Display] menu to built-in Ethernet (for wired LAN) or AirMac(for wireless LAN)
    Select the TCP / IP tab. The displayed content of Ethernet address is the MAC address.

    Macintosh (OSX) Search by  terminal
    Go to Macintosh HD> Applications> Utilities> Terminal,
    If ifconfig -a is executed, the item of either is the MAC address.
    In many cases, en0 is a wired LAN and en1 is a wireless LAN.

    Macintosh (OS 9 or earlier)
    [Apple Menu] → [Apple System · Profile] → [System Characteristic] → [Network Outline] → [AppleTalk] → Hardware Address This hardware address is the MAC address.
    Or you can check it with Control Panel -> AppleTalk -> "File" -> "View Information" control panel -> TCP / IP -> "File" -> "View Information".

    Are there other mnemonic names for MAC addresses?

    Yes, depending on the OS, it is sometimes written as physical address, Ethernet address, Ethernet ID, hardware address, etc.

    I handed over my PC. Should I delete the terminal information from Network Registration System?

    Yes, if you do not delete it will remain registered as your terminal. If a virus infection is suspected or P2P unauthorized use on that PC within JAIST, you may be held liable.
     

    I want to connect Wi-Fi to my new PC.

    In order to use JAIST Wi-Fi, you need to import your digital certificate into your PC.

    • When you want to continue to use your old PC

    ①Export the digital certificate that your old PC has.
    (Be sure to select "Export secret key.")

    ②Import the exported digital certificate to the new PC.

    ③Set up JAIST Wi-Fi on the new PC.

    • When you do not use the old PC / When the certificate could not be exported

    ①Revoke the digital certificate you are currently using.

    ②Issue a new digital certificate.

    ③Import the issued digital certificate to the new PC.

    ④Set up JAIST Wi-Fi on the new PC.

    [When you want to use the digital certificate on the old PC]
    ⑤Delete the revoked digital certificate on the old PC, and import the newly issued digital certificate.

    ⑥Set up JAIST Wi-Fi on the old PC.

    Please refer to the following page for the specific method of each procedure.

    If you are not sure how to operate the system by yourself, the help desk will support you. Please bring your old PC and new PC to the reception desk of the RCACI.

    What is the IP address range assigned to the student dormitories?

    From 150.65.108.11 to 150.65.110.97 ; About 599 addresses

    Network Registration System

    What is the network connection application system?

    It is a system for applying to connect a terminal to the network. It is to substitute for submitting conventional network connection application form.

    Is the network connection application system for general network connectivity?

    No. At  Apr 2020, it is applied only to the wired LAN of JAIST house and student dormitories 1-8. It is not applicable for wireless LAN. We are going to expand the scope to whole schools

    Are there an expiration date for registered terminal entry?

    Yes. The validity period is one year from the registration date

    Can I extend the term of validity?

    Yes. You can apply for extension at any time. Every time an extension request is made, one year after that date will be set as the expiration date.

    What happens when the validity period expires?

    It will be handled in the same way as an unregistered devices and will be only be able to access the network connection application system.
    Please register your devices again.

    "There is a duplicate in the entries or the pending applications of the entered MAC address".

    Please check the registered device list screen to see if you registered the same MAC address previously. If it is not there, it is thought that someone else registered by mistake. In that case, please let us know the MAC address you tried to register and your account to the Information Society Infrastructure Research Center.

    Is there an upper limit to the number of terminals that can be registered?

    Yes, it will be displayed as the "maximum registered number" on the registered device list screen.

    How many devices I have registered can be connected simultaneously?

    As of now no limit is placed on the number of units. However, extreme things may have an adverse effect on others, such as pressing down on the number of free IP addresses, so please use it moderately. It is intentionally being applied such restrictions at RCACI.

    Is it necessary only for PC to register?

    No. In principle, registration is required for all devices that need IP address assignment. Registration is necessary for routers and network compatible printers.

    Mail

    Mail

    I cannot access email

    [If you usually use mailer (POP/IMAP)]

    Please wait for a while, and then try again.
    When you can not access to your account 1 hour after blocking, please contact us.

    *For those who have recently changed your password*
    For mailers that set the password in advance, please check the settings of your mailer after changing your password. When you change the JAIST account password and do not modify the mailer password, the mailer will continue to use the incorrect password (the password before the change), and email will not be able to be sent or received.

     

    [If you usually use WebMail]

    If you see the screen after lockout, please contact us.

    If you are not using POP/IMAP, please consider disabling the POP/IMAP.
    Reference: POP / IMAP disabled / enabled

    If you fail to authenticate (JAIST-SSO) when accessing Webmail, please see the following page.
    When login fails in JAIST-SSO

    I want to switch the mail reception protocol from POP to IMAP and move the mail received thus far by POP to the IMAP mail server

    The procedure is roughly as follows:

    1. Create an account for new IMAP reception. (Please make it on the e-mail software you use when receiving with POP.)
    * Even after changing the settings to stop the automatic mail reception by POP, some mail may still be received by the POP by mail server. So let's enable "Leave copy of mail on server" setting so that mail will stay in the server.


    2. Create a new folder in the earlier created account (= make it on the mail server).

    3. Copy the mail received by POP to the created folder.

    4. When copying of all the mails is completed, delete the POP setting.

    About the protocols supported by the mail server

    Our mail server supports the following protocols

    Incoming mail server settings

    Protocol

    Incoming mail server name

    Port number

    Security

    IMAP4(Recommended)

    imap.jaist.ac.jp

    993

    SSL

    143

    TLS*

    POP3

    pop.jaist.ac.jp

    995

    SSL

    110

    TLS*

     

    * External networks only

    Incoming Mail Server Settings

    Protocol

    Incoming Mail server name

    Port number

    Security

    SMTP

    smtp.jaist.ac.jp

    587

    TLS, SMTP AUTH(LOGIN)

    465

    SSL, SMTP AUTH(LOGIN)

    I cannot receive an email on the PC mail client that I deleted on WebMail

    The mail in the WebMail inbox displays the mail on the mail server.
    Therefore please not that if you delete mail on WebMail before receiving it with the PC email software, you will not be able to see it in the PC mail client.

    I got an e-mail saying that a virus was detected

    All emails sent to and from our university are checked for viruses.
    When a virus is detected in an email, it is delivered to the recipient in the following form.


    <Example> For EICAR Test String file

      Insert [WARNING: VIRUS REMOVED] in the subject, and deliver it.


     From: Sender's email address (※ The email address may be a spoof depending on the virus, so please be careful)
     To: Recipient email address
     Date: Date
     Subject: [WARNING: VIRUS REMOVED] Subject
     ----
     Body of message
     ----

    Attached file (Removed Attachment.txtl)

    This attachment contained a virus and was stripped.
        Filename: test.txt
        Content-Type: text/plain
        Virus(es): EICAR-AV-Test

    How do I set up mail software?

    Please look at the basic information on this page  and setting up the mail software on this page.

    Can I change my email address?

    Only people whose User ID is based on student ID number can change their email address.
    If you wish to do so please access this page

     

     

    I want to use the e-mail address I used for master's program for doctoral program.

    If you got a new user account by go on to the doctor course, you can move email address from the old one to the new one.

    For more information, please see the "Email Address Registration" page.

    Mailing List

    Tell me about major mailing lists addressed to students/faculty/staff.

    For the main mailing lists of the faculty and staff, please contact the General Service Section, General Affairs Department.
    For students' main mailing lists, please contact the Educational Service Section, Educational Affairs Department.

     

    List of Primary Mailing Lists (Internal Use Only)

     

     

    Can I confirm if the email was sent to Members (Subscribers)?

    If you are the Administrator (Owner) of the Mailing List, you can.
    Log in the system and choose the list to confirm from "My lists" or "Search for List(s)" in Menu at the upper part of the screen. Click "Error rate: xx%" in Menu at the left side of List Home screen to find the mail addresses of Members (Subscribers) who fail to receive the email if any.

    Unable to send or receive attachments to mailing list addresses

    Maximum data size to send to a ML address is 15 MB (the sum of an attached file and mail text message). If you want to send/receive a large file of more than 15MB, please use JAIST Online Storage System.

    Please also read "Failing to send a mail to ML".

    What is the mailing list xxx-request@ml.jaist.ac.jp?

    The mailing list "xxx-request@ml.jaist.ac.jp" is an email address addressed to the owner of the mailing list "xxx@ml.jaist.ac.jp". It is automatically created when you create a mailing list.

    Please note that if you send an email to "xxx-request@ml.jaist.ac.jp", it will not reach the member of "xxx@ml.jaist.ac.jp".

    Digital Certificate

    Digital certificate/PKI

    I would like to confirm whether my digital certificate has been successfully imported

    1. Web browser

    For Firefox

    Select the "Tools" tab → "Options" → "Advanced" → "Certificates" and press the "View Certificates" button and then "Your certificates" column.

     

    For Internet Explorer,

    Select "Tools" → "Internet Options" → "Content" tab and press "Certificates" button. It will be shown in the "Personal" column.

     

    For Safari (Mac OS X)

    Open "Keychain Access" (in Applications / Utilities) and search for client certificates. Clicking on the "My Certificate" category makes it possible to see to available client certificates.

     

    For Safari (Windows OS)

    Please refer to the contents of "InternetExplorer".

     

    2. Mail software

    In the case of Thunderbird, Select "Certificate" tab of "Tools" → "Options" → "Details" and press the "Show Certificates" button. You will see it in the column of "Your certificates".

    I would like to use the digital certificate on multiple computers (browser, mail manager).

    Please import the downloaded digital certificate (with .p12 extension) into to the browser or mail program that you plan.
    If you do not have the digital certificate file at hand or you deleted it, please refer to "I want to retrieve the issued digital certificate file again".

    I received an email that the digital certificate is about to expire. What should I do?

    You will receive a notification email within one month of the expiration date of the digital certificate. To continue using the digital certificate service, you need to go through the "application for renewal" process.

    1. Access the digital certificate management system (accessible only from the campus network)
    2. Enter your username and password to login
    3. Press the "New application / renewal application" button to acquire a new electronic certificate
    What is PKI?

    PKI (Public Key Infrastructure) is the "infrastructure" of internet security using public key cryptography technology.

    By using this PKI security infrastructure, it is possible for users to use applications and communicate more securely.

     

     

    What is the "password" for issuing/importing certificates?
    • When you are asked for password at 【STEP1】 on the National Institute of Informatics page.

    If the screen of "【STEP1】認証情報パスワードを入力" is displayed, the certificate issuance process has failed. (In case of correct operation, the screen of "【STEP2】証明書を発行" will be displayed.)
    Please send your user name and a screenshot of the screen to us.

    *Clicking the "[発行/issue]" or "[証明書をダウンロード/Download certificate]" button multiple times may cause this to happen.Please click the buttons only once.

    • When you are asked for a password (access PIN) during import.

    During import, you will be asked for the password for the certificate/private key/encryption/extraction.

    -When the certificate file was obtained by downloading it from UPKI
    The access PIN (initial password for import) can be confirmed in the J-UPKI system, and please enter it.

    -When the certificate file is exported and obtained
    Please enter the password you have chosen for the export.

    Unable to delete digital certificates in Firefox

    The certificate used for "Authentication Decision" in Firefox cannot be deleted.
    To deleted the certificate, please follow the steps below.

    1. Open the Firefox Certificate Manager.
      Click [≡] (three horizontal lines in the upper right corner)
      → Click [Settings]
      → Click [Privacy & Security]  scroll down
      → Click [View Certificates]

    2. Deleting authentication settings
      Click the [Determine authentication] tab
      → Click the "auth.jaist.ac.jp" line
      → Click [Delete]

    3. Deleting the certificate
      Click the [Your Certificates] tab
      → Click the certificate you want to delete
      → Click [Delete]
    "[STEP 1] Enter the Password" screen appears when issuing the certificate.

    When "[STEP 1] Enter the Password" screen is displayed, the issuance of the certificate has failed.
    Please contact us with your user name and screen view ("[STEP 1] Enter the Password" screen appears).
    Inquiry Form

    Certificate imported to mac is "not trusted".

    When importing a client certificate, "SECOM Passport for Member RSA CA16" will be imported at the same time as the root certificate. If this root certificate causes an error with the message "This root certificate is not trusted," please check the fingerprint and change the trust settings.

     

    1. Check the fingerprints
      Please refer to the following page to confirm that the "Fingerprint SHA-1" of "SECOM Passport for Member RSA CA16" is "D5 62 97 10 C1 7B D6 63 91 E8 FC 27 91 9C E1 41 DA B4 7A F8".
      https://support.apple.com/guide/keychain-access/view-the-information-stored-in-a-keychain-kyca1085/11.0/mac/14.0

    2. Change trust settings
      Please refer to the following page and change the trust setting of "SECOM Passport for Member RSA CA16" to [Always Trust].
      https://support.apple.com/guide/keychain-access/change-the-trust-settings-of-a-certificate-kyca11871/11.0/mac/14.0
    Certificate imported to mac is "not trusted".

    online storage

    online storage

    "Account storage limit reached" is displayed and I cannot upload files.

    Students, teachers and researchers can upload up to 100 GB to their personal folders (top area), while staff cannot upload to their personal folders.
    For more information, please see 'About folders - personal folders'.

    After signing in, the "HTTP Status 403 - Forbidden" screen was displayed.

    You are not authorised to use the J-Storage Box. There are two possible reasons:

    • Not eligible for use
      Please check who is eligible to use the J-Stoarge Box. If you are an eligible user but the 403 screen is displayed, please contact us with your user name and status.
    • Have a free account with a JAIST email address
      If you have a free account with a JAIST email address, you are not authorised to use the J-Stoarge Box because we cannot create a JAIST administration account on the J-Stoarge Box. Please contact us after changing the default email address of your free account.
    After signing in, "Part of JAIST?" "Invalid login credentials" screen will be displayed.

    You are eligible to use the J-Storage Box, but your JAIST managed account does not exist. When you have changed your email address, please wait 1~2 working days. If you still cannot sign in after waiting a few days, please contact us with your username.

    The 'People with the link' option is not available for shared links

    Shared links for 'People with the link' can only be set for personal files or files under the 'XXX-4.linkable' folder. For more information, see 'About folders'.

    When exactly does a shared link with an expiry date expire?

    If the expiry date is not changed, public shared links ('People with the link' shared links) expire after 1 day (24 hours) and other shared links after 7 days. Shared links set by date expire at around 15:00 Pacific Standard Time (14:00 Daylight Saving Time), 8:00 or 7:00 Japan Standard Time.

    I want a folder that can be used by members of the lab.

    Faculty members should create a folder under the "internal folder" and invite members of the laboratory to it.
    If you need to invite JAIST unmanaged users (e.g. non-regular students or external collaborators), please create a folder for your laboratory in the "invitable folder".

    A file has deleted. Can you find out who deleted it? And is it possible to restore the file?

    It is possible to investigate user activity on the file with sufficient information from the responsible person for the file. The file can be restored if it remains in the Trash, but not completely deleted.


    If you wish to investigate and restore the file, please contact us with the following information.

    • The name of the missing file/folder
    • The path where the file was located
    • The date and time when the file was last seen.
    • (In the case of a shared folder) Can other members see the file?
    Can I use Box Drive and mobile apps?

    Yes, you can use Box Drive, Box Edit, Box for Androiod Phones, Box for Android Tablet, Box for iPhone and Box for iPad.

    However, RCACI does not provide support for these apps. Please use the web service basically and use the apps at your own risk.

    GakuNin RDM

    GakuNin RDM

    How to transfer data when I change the account to continue to the Doctoral Program etc.

    Please see this page.

    Remote Access

    Remote Access

    I cannot access to SSL-VPN system (User authentication failed)

    Please see the FAQ of JAIST-SSO "AUTHENTICATION FAILED" is displayed"

    I cannot access to SSL-VPN system (User authentication succeeded, but not display the menu of SSL-VPN system)

    On devices with IPv6 address, the SSL-VPN system menu may not be displayed after user authentication has been successfully.
    In this case, please try other methods.

    For details, please see this page.

    SSL-VPN shows "disconnected" and cannot connect

    Please try the following.

     

    1.Reinstall the client application

    Uninstall the client application (Windows: BIG-IP Edge Client Components, macOS: F5 VPN) and install the application referring to the SSL-VPN connection instructions page.
    After that, please access the SSL-VPN and try to connect.

     

    2.Use of alternative methods

    Please see this page.

     

    If you have another PC, please check if SSL-VPN connection is available on another PC.
    In particular, if your PC is used for SSL-VPN other than JAIST, it may fail to establish SSL-VPN connection.

    Cannot browse JAIST web pages when using a VPN connection on a Windows PC tethered from a Rakuten smartphone

    When using a smartphone with Rakuten Mobile line tethered to a Windows PC and connecting to a VPN on that PC, you may not be able to view the JAIST web page ( https://www.jaist.ac.jp/ ). We have provided logs to the vendor for investigation, but have not been able to identify the cause. The problem is likely to be caused by Rakuten Mobile's line, since it can be used normally when other lines are used.

     

    Rakuten Mobile line users can access the campus network in the following way:

    • Use alternative 2 (vpn2)
      The SSL-VPN service provides an alternative for when you cannot connect to the official service. We have confirmed that the above problem does not occur with the . alternative 2 (vpn2). Please refer to this page and use vpn2.
      * We are sorry that the vpn2 instructions are only in Japanese. If you need help, please come to the reception desk during the hours the help desk is open.
      * Alternative services may be suspended without notice. Also, individual inquiries and support may not be available.

    • Using SSL-VPN with Smartphones
      We have confirmed that no problems occur when browsing directly on a smartphone without tethering, even with the Rakuten Mobile connection.
      Please refer to this page to set up VPN on your smartphone or tablet device.

    Virtual Desktop, Thin Client

    VDI/ThinClient

    Can I install to software to the thin client (Cloud Desktop)?

    You can not install any softwares to Cloud Desktop.

    If you needs some software for your research, please ask us, RCACI.

    I would like to change my password

    The virtual desktop logon password is synchronized with the password used for mail or when using the UNIX system.
    To change the password please click on this link

    Software

    Software

    I would like to keep using the security software even after I graduate and leave

    Unfortunately, it is not permitted to continue using the software after leaving our university due to the terms of the license.
    Please uninstall this software right away, then purchase new anti-virus software and install it.

    Do I have to use ESET?

    No, it is optional.
    However, using anti-virus software is required to connect to the campus LAN , so please make sure some antivirus software is installed and running. Also, please use highly reliable products that are certified by the following third party organizations.

    - AV-TEST certification

    https://www.av-test.org/en/

     

    - AV-Comparatives Standard / Advanced / Advanced + Certification

    https://www.av-comparatives.org/

    Is the software previously offered by RCACI currently available?

    Software that was provided by our center in the past and is not listed page of software cannot be used because there is no valid license at this time. Please delete them if they are still in the device.

    I cannot access the individual software pages.

    Many of the pages can only be accessed from JAIST Network only. For outside user, please use SSL-VPN.

    Microsoft Campus Agreement

    Microsoft Campus Agreement

    "User ID does not exist" displayed on the login site of Office365

    We are sorry but it is possible that you are not eligible for licensing. Please inquire with us if this message is displayed and you already have an account or you think you are eligible.

    I cannot see what services are available after Office 365 login

    We are sorry but it is possible that you are not eligible for licensing. Please inquire with us if this message is displayed and you already have an account or you think you are eligible.

    Also, please contact us if you are a non-regular student.

    I need to install Visual Studio

    Visual Studio isn't included in the license program. However, Visual Studio Community can be downloaded for free from https://www.visualstudio.com/downloads/

    Error "SAML assertion is not present in the token." at Microsoft365 sign-in

    If the error message during Microsoft365 sign-in includes "SAML assertion is not present in the token.", another Microsoft account may have been affected.

    another Microsoft account:

    • Personal Microsoft account
    • Microsoft account from other universities before entering JAIST
    • (Doctoral Students) Account used during master's program
    • (Tokyo Satellite students) Microsoft account used by the company

    Please try to sign in using a private window.

    ――――――――――
    1.Open Private Window
    Open an InPrivite Window / Secret Window / Private Window in your browser.
    Tips: Using a Private Window

    2.Copy the following URL and paste it into the URL field of the private window to access it.
    https://www.office.com/

    3.Click "Sign In."
    On the Microsoft sign-in screen, enter "username@jaist.ac.jp" and click "Next" and sign in at the JAIST-SSO screen.
    ――――――――――

    You may also be able to sign in with normal browsers by trying the following steps.

    • Restart browser
      (Please close all browser windows and reopen them.)
    • Reboot your device
    • Delete Cookies
      * For the URL to delete cookies, search for keywords such as "microsoft".

     

    If you still see the same error after trying to use a private window or reboot, please contact us with your user name and a screenshot of the error screen.

     

    * This error is displayed on the Microsoft screen; if you encounter an error with JAIST-SSO authentication, please see "When JAIST-SSO login fails".

    Setting up a Website

    Web page/Homepage

    I can no longer acess my page

    Content that violates laws and regulations or public policy, infringes copyrights or other rights, or any other content that RCACI deems inappropriate may be removed or moved from the Site without prior notice.

    I would like to use a counter

    In case you don't want to install a counter program by yourself, please use the counter in the following way.

    In the HTML file of the page where you want to put a counter, 
    please add the following description:

    <IMG SRC="/cgi-local/Count.cgi?dd=B&df=user.dat&ft=1"ALIGN="BOTTOM">

    The user.dat part becomes the file name to save the count number. Please use half-width alphanumeric characters for the user part and set a file name that does not duplicate other users.
    The counter design can be set individually.


    Click here for counter design and code. Please refer to CGI related websites, books etc. for details of settings.

    In addition to the methods described above, you can also install an access counter CGI individually.

    → As of 2011/7, it is confirmed that it is not possible to install a new counter (it is impossible to generate a file to save the counter number). When setting the counter, "Counter datafile" /usr/local/apache2/etc/Counter/data/XXX.dat "must be created first!" will be displayed and will not operate properly. If you wish to install a counter as a provisional measure, please inform www-admin@jaist.ac.jp that you want to set up a counter and file name to save the counter number.

    I want to restrict website access for each user

    First of all, create a password file with the htpasswd command .

    Htpasswd -c /home/USERNAME/.htpasswd USERNAME
    (Please add the c option only when creating a new password file. If you already have a password file, adding the c option will cause the contents of the original password file to be entirely replaced.)

    Htpasswd /home/USERNAME/.htpasswd USERNAME
    (To add a user to an already existing password file, execute htpasswd without the c option.)


    Next, put a file named .htaccess like the one below in the directory of the page you want to restrict access to.

    Example of .htaccess

    AuthUserFile /home/USERNAME/.htpasswd

    AuthName "Page Title"

    AuthType Basic

    require valid-user

     

    For more about .htaccess, please check relevant websites/books etc

    I want to restrict website access for each connected machine

    Please place a file named .htaccess like the one below in the directory of the page you want to restrict access to.


    Example of .htaccess when accessing only from within campus

    order allow,deny

    allow from 150.65.0.0/16

    allow from 2001:df0:2ed::/48

    deny from 150.65.176.0/24

    deny from 150.65.140.0/23

    deny from 150.65.142.0/24

    deny from 150.65.143.0/24

    deny from 150.65.18.31/32

    deny from 150.65.18.32/30

    deny from 150.65.18.36/31

    deny from 150.65.18.38/32

    deny from 150.65.18.41/32
    deny from 150.65.18.42/31
    deny from 150.65.18.44/30
    deny from 150.65.18.48/31

    For more about .htaccess, please check relevant websites/books etc

    I want to make a website that's only accessible within campus

    For the following URLs,

    www.jaist.ac.jp/gakunai/  (In the directory /home/www/HTTP/htdocs/gakunai/) )
    www.jaist.ac.jp/private/  (In the directory /home/www/HTTP/htdocs/private/) )

    The pages in the directories are designed to be accessible only from within the university, so if you want to create a page for campus use only, please put the HTML files here.

    If you want to set access restrictions in other places, see the FAQs [I want to restrict website access for each connected machine], [I want to restrict website access for each user].

    I created a web page, where should I put it?

    Please click on this link

    What is the difference between www.jaist.ac.jp and www2.jaist.ac.jp?
    • www.jaist.ac.jp

      It is a WEB server for sharing JAIST information regardless of whether it's within or without campus

    • www2.jaist.ac.jp

      It is a server for running specific systems, and it is only accessible from within the university. As a bonus feature, it is also possible to use it for practice for personal pages.
      However, it is not a server for placing pages for campus internal use. When creating a page for campus use, please place it on www.jaist.ac.jp.

    I cannot put FTP/SSH on www.jaist.ac.jp

    Have you registered your account for www.jaist.ac.jp?
    To log in to www.jaist.ac.jp, you need an account for www.jaist.ac.jp.
    If you are unable to register、please start here.

    Unix server

    UNIX server

    I cannot connect to ssh on Solaris server with TeraTerm

    The Solaris 10 server (sparc 1, 2) does not allow plaintext authentication.
    If using a terminal such as TeraTerm, the default authentication method is plain text, so ssh may fail.
    In this case, change to the appropriate challenge-response authentication and try to reconnect.

    The Unix keyboard layout is different

    When logging in to the Unix (Solaris 10) server, if you use the Japanese keyboard but the keyboard layout becomes English, open the console and enter the following command.

     

    /usr/local/bin/jp109key

    Printer

    Printer

    The multifunction printer is out of toner.

    Please read "JAIST Printing Service Handling of Consumables"

    * The replacement toner may be hidden in a hard to find place, such as under the paper.
    * If you cannot find it, please call the telephone number on the multifunction machine from a user that speaks Japanese.

    I had trouble with the multifunction printer.
    I want to use a large format printer.

    Please come to the User Room (I-23).

    Large format printers are available from two terminals in the user room.
    For detailed printing instructions, please refer to the manuals on the desks of the devices.

    For more information, please see the Large Format Printer page.

    Others

    Others

    We set up a server in our laboratory.

    If your laboratory prepares own servers, please refer to the following.

    • Apply for a static IP address

    Please refer to the following page to submit a network connection application.
    Application for Network Connection

    • Setting of DNS and NTP
    • Sending and receiving e-mail

    About sending and receiving e-mail,
     A: When sending mail with hostname from off-campus -> Receiving is rejected due to no destination.
     B: When sending mail from the on-campus server -> Authentication (by username and password) is required.

    If you want to do the following on own server, please  submit "Application to change firewall settings".
     a: Receive mail from off-campus to own server on campus
     b: Send mail from own server on campus without authentication

    • External publication, external access

    Basically, the policy is to block communication from outside the campus to the campus servers.
    (Excluding pings and ports for servers that are allowed to open to the off campus.)

    If you wish to allow communication from off-campus to the on-campus server, such as your own web server, please submit an "Application to change firewall settings".

    I can't access the intramural use only page (Safari)

    The macOS web browser "Safari" has a setting to keep IP addresses private.
    If this setting is enabled, the device is connected to the campus network, but the communication is considered to be with the off-campus network.

    • Cannot access campus-only services ( internal use only page, GAKUMU system, JAIST-LMS, etc.)
    • JAIST-SSO requires authentication factors other than password (OTP, certificate)

    When accessing campus-only services, please disable the "Hide IP address" setting.
    (macOS: Safari -> Settings -> Privacy -> uncheck "Hide IP Address" )

    I read the web page, but I don't know how to use/set up XXX.

    Instructions on how to use/set up the various services provided by the Center are described on this web page.
    However, when you still cannot understand after reading the Web page, please contact the IT Help Desk (it-helpdesk[at]ml.jaist.ac.jp) with the following information.

    • What services would you like to use?
    • What part is not clear to you? How far did you get on your own?
    • Environment (device, OS, browser, etc.)

     

    If you are on campus, please come to the reception desk with your device when the IT Help Desk staff is in the rooms. (You can check the availability of the Help Desk from this page.)