Table of Contents
Advertisement
user-name-format (HWTACACS scheme view)
Syntax
user-name-format { keep-original | with-domain | without-domain }
View
HWTACACS scheme view
Default level
2: System level
Parameters
keep-original: Sends the username to the HWTACACS server as it is input.
with-domain: Includes the ISP domain name in the username sent to the HWTACACS server.
without-domain: Excludes the ISP domain name from the username sent to the HWTACACS server.
Description
Use the user-name-format command to specify the format of the username to be sent to an HWTACACS
server.
By default, the ISP domain name is included in the username.
A username is generally in the format userid@isp-name, of which isp-name is used by the device to
determine the ISP domain to which a user belongs. Some earlier HWTACACS servers, however, cannot
recognize a username including an ISP domain name. Before sending a username including a domain
name to such an HWTACACS server, the device must remove the domain name. This command allows
you to specify whether to include a domain name in a username to be sent to an HWTACACS server.
If an HWTACACS scheme defines that the username is sent without the ISP domain name, do not apply
the HWTACACS scheme to more than one ISP domain, avoiding the confused situation where the
HWTACACS server regards two users in different ISP domains but with the same userid as one.
If the HWTACACS scheme is for wireless users, specify the keep-original keyword. Otherwise,
authentication of the wireless users may fail.
Related commands: hwtacacs scheme.
Examples
# Specify the device to remove the ISP domain name in the username sent to the HWTACACS servers for
the HWTACACS scheme hwt1.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] user-name-format without-domain
vpn-instance (HWTACACS scheme view) (available only on the
A5500 EI)
Syntax
vpn-instance vpn-instance-name
undo vpn-instance
89
Advertisement
Table of Contents
