Deactivate MAC address randomization
Instructions in Italian can be found here.
According to the minimal IT security measures compiled by AGID, any organization must maintain an inventory of active devices on its internal network. Each device must be associated, among other things, to its owner. Every device which operates on our WiFi (INFN-Web, INFN-dot1x) or wired (DHCP, supplied by cabiria) network is identified by its physical address (MAC address) and automatically associated to its owner thanks to the authentication required to access said networks.
Most operating systems offer the option (sometimes active by default) to mask the device's MAC address for WiFi connections, periodically generating a random one. This setting, useful for one's own privacy, is recommended on public, untrusted networks but is problematic on our internal network: for example, a cell phone which randomizes its MAC address every day will be constantly identified as a new device (belonging to the same owner) and the contents of our inventory will be incorrect.
This privacy setting can be easily modified and it's always possible to set a different behaviour on each network: it's possible to use a masked address on public networks and the real one on trusted networks. Here's the instructions to modify this setting on the most common operating systems: