The intranet portal of the Amiens academy relies on CAS (Central Authentication Service) authentication linked to the academic LDAP directory. Each staff member receives an identifier in the form of firstname.lastname, associated with the NUMEN for the first activation. The session opened on the Convergence webmail (Roundcube hosted by the rectorate) remains tied to the CAS token, the lifespan of which determines the disconnections experienced by roaming staff.
CAS Token and Disconnections on Mobile Devices in Roaming
Teachers assigned to multiple institutions regularly switch from an institutional Wi-Fi network to a personal 4G/5G network. Each change of IP address can invalidate the active CAS token, resulting in a sudden disconnection from the webmail without an explicit error message.
You may also like : How to Extend the Lifespan of Your Tires?
On a mobile browser, the expired session redirects to the authentication screen. The problem worsens when the browser has cached an outdated session cookie: the page loops between the CAS screen and the webmail, never reaching a conclusion.
We recommend that roaming staff configure a native IMAP client instead of the webmail to bypass the dependency on the CAS token. The IMAP protocol with separate SMTP authentication maintains the connection regardless of network changes. The server settings remain those of the rectorate: incoming server imap.ac-amiens.fr (port 993, SSL), outgoing server smtp.ac-amiens.fr (port 465, SSL).
See also : Everything You Need to Know About a Trader's Salary in France: Figures and Outlook for 2024
To access all resources related to the academic messaging and intranet of the Amiens academy, using a dedicated mail client remains the most reliable solution for mobility.
Multifactor Authentication: What the MFA Deployment 2025-2026 Changes
The Amiens rectorate has announced a gradual migration to mandatory multifactor authentication for all academic accounts, spread over 2025-2026. This directive follows the national framework for enhanced cybersecurity applied to the academies.
In practice, the second factor relies on a temporary code (TOTP) generated by an app like FreeOTP or the ministry’s in-house application. For roaming teachers, this additional layer poses a concrete problem: each invalidation of the CAS session will trigger a new entry of the TOTP code, multiplying interruptions during travel between institutions.
- Installing the TOTP app on the same device as the mail client reduces friction but centralizes the risk in case of phone loss
- Generating backup codes to keep off-device (paper safe or encrypted password manager) to avoid complete lockout
- Anticipating MFA enrollment as soon as the system opens instead of waiting for the mandatory switch, to identify hardware incompatibilities
The MFA will enhance protection against phishing attempts, which have significantly increased in the North-East academies since early 2025. The trade-off lies between increased security and user fluidity for multi-site profiles.
PIA Portal and Convergence Webmail: Architecture and Technical Limits
The Academic Intranet Portal (PIA) aggregates access to business applications: I-Prof, GAIA, SIAM, Convergence messaging, educational resources. The entire system operates via SSO (Single Sign-On) using the same CAS token. An active PIA session provides access to the webmail without reconnection, as long as the token does not expire.
The Convergence webmail does not synchronize IMAP folders in real-time. An email filed in a subfolder from a mobile client may take several minutes to appear in the web interface, and vice versa. This synchronization delay generates duplicates or apparent disappearances of messages for users alternating between the two interfaces.
The recent integration of the intranet into the national ÉduConnect platform allows unified access to inter-academic services. Specifically, a staff member transferred from another academy retains a single entry point without creating new credentials, simplifying exchanges with neighboring rectorates.
Recommended IMAP Settings to Avoid Synchronization Conflicts
On a mobile client (K-9 Mail, Outlook, Mail), disable the synchronization of webmail system folders (Trash, Drafts, Sent on the server) and manually map these folders to the corresponding IMAP folders. Without this setting, the client creates duplicate folders that fragment the history of exchanges.
The quota of the academic mailbox remains limited. Archiving large attachments locally and regularly purging the Sent folder on the server prevents overflow errors that block reception without notification.
Targeted Phishing and Support: Reporting and AI Chatbot from the Rectorate
Reports of incidents related to phishing attempts targeting intranet credentials have seen a significant increase since early 2025. Phishing campaigns mimic the academic CAS screen with precision that even deceives experienced users. The reflex to adopt: systematically verify that the URL starts with intranet.ac-amiens.fr before entering any credentials.
On the support side, an AI chatbot deployed at the end of 2025 has reduced ticket resolution times by about 30%, according to feedback from the rectorate. Teachers in rural areas, often far from DSDEN services, benefit the most from this asynchronous channel that provides immediate answers to common connection issues.
- The chatbot handles password resets, account unlocks after failed attempts, and mail configuration questions
- Security incidents (confirmed phishing, unauthorized access) are escalated to the academic CISO via a dedicated form in PIA
- The rectorate’s phone support remains available for cases not resolved by the chatbot, with dedicated slots for roaming staff
The combination of progressive MFA and the AI chatbot marks a turning point in the management of academic support in Amiens. For roaming teachers, switching to a properly configured IMAP client remains the most effective technical lever against service interruptions, well before any server-side software solution.