Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
How to remove realm-name ...

How to remove realm-name from username

Created: Dec 9, 2020 19:20:01Latest reply: Nov 2, 2021 12:47:02 490 10 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hi,


I would like to know if it is possible to remove the domain name from username

For exemple, I'm using a Huawei NE40 as BRAS with IPoE, and every username has the domain name on it.


In this username:

[FH1.49.3.4.37]/000000000000d8778ba8fcd5@my-domain01


I want to remove @my-domain01 from the user [FH1.49.3.4.37]/000000000000d8778ba8fcd5


Thanks.




Like (0) Dislike (0) Favorite(0) Share Report
Previous: Applicability of patches released due to port security issues
Next: AR router vs ppp interface
Featured Answers

Recommended answer

(0) (0)
Popeye_Wang
Admin Created Dec 10, 2020 02:18:13

Hi,
Assume that a user getting online with a domain name and the user inputs a user account, namely, user@A.
The BAS interface that accesses the user is configured with domain B as the default-domain authentication. If domain A is configured on the , the user adopts the authentication scheme that is configured in domain A, and the user account for authentication is user@A. If domain A is not configured on the , and the roam-domain is disabled, the user authentication fails. If the roam-domain is enabled, the user adopts the authentication scheme that is configured in the roam-domain.
The BAS interface that accesses the user is configured with domain E as the roam-domain configured through the roam-domain command. If domain A is not configured on the , the user adopts the authentication scheme that is configured in domain E. If domain A is configured on the , the user adopts the authentication scheme that is configured in domain A, and the user account for authentication is user@A.
The BAS interface that accesses the user is configured with domain F as the default-domain authentication force. In this case, the user adopts the authentication scheme that is configured in domain F (regardless of whether domain A is configured on the NE40E or whether a roam-domain is configured), and the user account for authentication is still user@A.
The BAS interface that accesses the user is configured with domain G as the default-domain authentication replace. In this case, the user adopts the authentication scheme that is configured in domain G (regardless of whether domain A is configured on the NE40E or whether a roam-domain is configured), and the user account for authentication is changed into user@G.
Assume that a user getting online without a domain name and the user inputs a user account, namely, user.
If the BAS interface that accesses the user is not configured with the default-domain authentication, the user adopts the authentication scheme that is configured in default1, and the user account for authentication is user@default1.
If the BAS interface that accesses the user is configured with domain B as the default-domain authentication, the user adopts the authentication scheme that is configured in domain B (domain B here is a default domain), and the user account for authentication is user@B.
If the BAS interface that accesses the user is configured with domain H as the default-domain authentication force, the user adopts the authentication scheme that is configured in domain H, and the user account for authentication is user@H.
If the BAS interface that accesses the user is configured with domain J as the default-domain authentication replace, the user adopts the authentication scheme that is configured in domain J, and the user account for authentication is user@J.
Refer to:https://support.huawei.com/hedex/hdx.do?docid=EDOC1100109721&id=EN-US_CLIREF_0172385188&lang=en
View more
  • x
  • convention:

user_4400653
user_4400653 Created Nov 2, 2021 04:13:14 (0) (0)
 
All Answers
(0) (0)
2#
Gustavo.HdezF
Gustavo.HdezF Admin Created Dec 9, 2020 19:23:40

Hello User. we are reviewing your question and we will answer you shortly. Thanks.
View more
  • x
  • convention:
(0) (0)
3#
Gustavo.HdezF
Gustavo.HdezF Admin Created Dec 9, 2020 19:28:01

What is the purpose of this modification? I don't think the router could do that action. If you are authenticating a user may be in the server that you use for authentication you can split the user and the realm with a short programming code before analyzing the user.

Regards.
View more
  • x
  • convention:

nochhie
nochhie Created Nov 2, 2021 04:15:02 (0) (0)
 
(1) (0)
4#
wissal
wissal MVE Created Dec 9, 2020 22:21:05

Hello,

In a user account, a delimiter to separate the domain name from the username and the sequence of parsing them can be flexibly configured to meet different requirements.

Procedure

  1. Run system-view


    The system view is displayed.


  2. Run aaa


    The AAA view is displayed.


  3. Run domain-name-delimiter delimiter


    A domain name delimiter is configured.


  4. Run domain-location { after-delimiter | before-delimiter }


    The location of the domain name is configured.


  5. Run domainname-parse-direction { left-to-right | right-to-left }


    The direction in which the domain name is to be parsed is configured.


  6. (Optional) Run realm-name-delimiter delimiter


    A realm name delimiter is configured.


  7. (Optional) Run realm-location { after-delimiter | before-delimiter }


    The location of the realm name is configured.


  8. (Optional) Run realmname-parse-direction { left-to-right | right-to-left }


    The direction in which the realm name is to be parsed is configured.


  9. Run parse-priority { domain-first | realm-first }


    The sequence of parsing the user account is configured.

    If the realm name delimiter is configured and domain-first is specified, the device parses the realm name first based on the realm name delimiter, realm name parsing direction, and realm name location. Then the device parses the remaining string (excluding the realm name and realm name delimiter) based on the domain name delimiter, domain name location, and domain name parsing direction.

    If no realm name delimiter is configured and domain-first is specified, the device parses the domain name first based on the domain name delimiter, domain name location, and domain name parsing direction.


  10. Run commit


    The configuration is committed.


Detail

https://support.huawei.com/enterprise/en/doc/EDOC1100125845/bb1f1b9c/configuring-user-account-parsing


Thanks

View more
  • x
  • convention:

lan2019
lan2019 Created Jan 11, 2021 03:32:16 (0) (0)
Great  
user_4400653
user_4400653 Created Nov 2, 2021 04:13:19 (0) (0)
 
(0) (0)
5#
Popeye_Wang
Popeye_Wang Admin Created Dec 10, 2020 02:18:13

Hi,
Assume that a user getting online with a domain name and the user inputs a user account, namely, user@A.
The BAS interface that accesses the user is configured with domain B as the default-domain authentication. If domain A is configured on the , the user adopts the authentication scheme that is configured in domain A, and the user account for authentication is user@A. If domain A is not configured on the , and the roam-domain is disabled, the user authentication fails. If the roam-domain is enabled, the user adopts the authentication scheme that is configured in the roam-domain.
The BAS interface that accesses the user is configured with domain E as the roam-domain configured through the roam-domain command. If domain A is not configured on the , the user adopts the authentication scheme that is configured in domain E. If domain A is configured on the , the user adopts the authentication scheme that is configured in domain A, and the user account for authentication is user@A.
The BAS interface that accesses the user is configured with domain F as the default-domain authentication force. In this case, the user adopts the authentication scheme that is configured in domain F (regardless of whether domain A is configured on the NE40E or whether a roam-domain is configured), and the user account for authentication is still user@A.
The BAS interface that accesses the user is configured with domain G as the default-domain authentication replace. In this case, the user adopts the authentication scheme that is configured in domain G (regardless of whether domain A is configured on the NE40E or whether a roam-domain is configured), and the user account for authentication is changed into user@G.
Assume that a user getting online without a domain name and the user inputs a user account, namely, user.
If the BAS interface that accesses the user is not configured with the default-domain authentication, the user adopts the authentication scheme that is configured in default1, and the user account for authentication is user@default1.
If the BAS interface that accesses the user is configured with domain B as the default-domain authentication, the user adopts the authentication scheme that is configured in domain B (domain B here is a default domain), and the user account for authentication is user@B.
If the BAS interface that accesses the user is configured with domain H as the default-domain authentication force, the user adopts the authentication scheme that is configured in domain H, and the user account for authentication is user@H.
If the BAS interface that accesses the user is configured with domain J as the default-domain authentication replace, the user adopts the authentication scheme that is configured in domain J, and the user account for authentication is user@J.
Refer to:https://support.huawei.com/hedex/hdx.do?docid=EDOC1100109721&id=EN-US_CLIREF_0172385188&lang=en
View more
  • x
  • convention:

user_4400653
user_4400653 Created Nov 2, 2021 04:13:14 (0) (0)
 
(0) (0)
6#
Chanbora
Chanbora Created Nov 2, 2021 04:12:19

cool
View more
  • x
  • convention:
(0) (0)
7#
Unicef
Unicef MVE Created Nov 2, 2021 12:47:02

Good answer
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.