strip-domain
Domain Name and Realm Name Examples
Copyright © 2010, Juniper Networks, Inc.
Use the no version to return to the default, realm first.
See aaa parse-order
Use to strip the domain name from the username before sending an access-request
message to the RADIUS server.
By default, the domain name is the text after the last @ character. However, if you
change the domain name parsing by using the aaa delimiter, aaa parse-order, or
parse-direction command, the router strips the domain name and delimiter that result
from the parsing.
To stop stripping the username, use the disable keyword.
Example
host1(config)#aaa domain-map xyz.com
host1(config-domain-map)#strip-domain enable
Use the no version to return to the default, disabled.
See strip-domain
This section provides examples of possible domain or realm name results that you might
obtain, depending on the commands and options you specify. This example uses the
following username:
username: usEast/userjohn@abc.com@xyz.com
The router is configured with the following commands:
host1(config)#aaa delimiter domainName @!
host1(config)#aaa delimiter realmName /
Table 3 on page 15 shows the username and domain name that result from the parsing
action of the various commands.
Table 3: Username and Domain Name Examples
Command
aaa parse-order realm-first
aaa parse-order domain-first
aaa parse-direction domainName
right-to-left
aaa parse-direction domainName
left-to-right
Chapter 1: Configuring Remote Access
Resulting Username
userjohn@abc.com@xyz.com
userjohn@abc.com
userjohn@abc.com
userjohn
Resulting Domain
Name
usEast
xyz.com
xyz.com
abc.com@xyz.com
15