User-Name-Format - Huawei Quidway S3900 series Command Manual

Command Manual – AAA & RADIUS & HWTACACS & EAD
Quidway S3900 Series Ethernet Switches-Release 1510
[Quidway-hwtacacs-hwt1] timer response-timeout 30

1.3.20 user-name-format

Syntax
user-name-format { with-domain | without-domain }
View
HWTACACS scheme view
Parameter
with-domain: Specifies to send the username with a domain name to the TACACS
server.
without-domain: Specifies to send the username without any domain name to the
TACACS server.
Description
Use the user-name-format command to configure the username format sent to the
TACACS server.
By default, an HWTACACS scheme acknowledges that the username sent to it
includes an ISP domain name.
Note that:
The supplicants are generally named in userid@isp-name format. The part
following the @ sign is the ISP domain name, according to which the switch
assigns a user to the corresponding ISP domain. However, some earlier
TACACS servers reject the user name including an ISP domain name. In this
case, the user name is sent to the TACACS server after its domain name is
removed. Accordingly, the switch provides this command to decide whether the
username sent to the TACACS server carries an ISP domain name or not.
If a HWTACACS scheme is configured to reject usernames including ISP
domain names, the TACACS scheme shall not be simultaneously used in more
than one ISP domains. Otherwise, the TACACS server will regard two users in
different ISP domains as the same user by mistake, if they have the same
username. (excluding their respective domain names.)
Related command: hwtacacs scheme.
Example
# Specify to send the username without any domain name to the HWTACACS
scheme "hwt1".
<Quidway> system-view
System View: return to User View with Ctrl+Z.
Huawei Technologies Proprietary
1-78
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands