Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
NE40E-X3 upgrade problem.

NE40E-X3 upgrade problem.

Created: May 20, 2018 08:43:32Latest reply: Oct 17, 2018 03:40:19 2360 4 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
display all floors 1#

Dears,

While we upgrading NE40E-X3 router to V6R8 we are facing problem regarding pre-configured than new router. In new router we can’t add (undo hwtacacs-server user-name domain-included) command in HWTACACS template, if we bind this template to default_admin domain while the pre-configured router the command still existing after upgrading the router. whats seems to be the problem and how to solve it?

  • x
  • convention:

Like (0) Dislike (0) Favorite(0) Share Report
Previous: SNMP/5/SNMP_IP_LOCK
Next: How can we setup SIP AG redundancy in AR169 router
Featured Answers

Recommended answer

(0) (0)
Finn92
Created Oct 17, 2018 03:40:19

hello sir
when you input the command , does it show below alarm ?
[~HUAWEI-hwtacacs-tac] undo hwtacas-server user-name domain-included
Error: Configuring devices in a RADIUS server group or TACACS server template bound to the admin domain to send user names without domain names brings security risks. Changing the mode to using the original user name is recommended.

if yes, the root casue is
In V800R008C00 and later versions, an HWTACACS template having the undo hwtacacs-server user-name domain-included configuration cannot be bound to the default admin domain or a domain having the adminuser-priority level configuration (configuration restoration is not affected).

solution :
Run the hwtacacs-server user-name original command to override the undo hwtacacs-server user-name domain-included configuration.
and remember commit configuration .


View more
  • x
  • convention:
All Answers
a84042067
a84042067 Created May 20, 2018 08:59:10

Please let me know the below information:
1. in the current situation with new software without this command (undo hwtacacs-server user-name domain-included) can you connect to the server with only username "without domain name" or not.
2. If you created another Domain can you add this command (undo hwtacacs-server user-name domain-included) or still the same issue
View more
  • x
  • convention:
Mysterious.color
Mysterious.color Created May 20, 2018 10:10:59

i would like to see the solution
why not contacting local office?

View more
  • x
  • convention:
Fernandoizsa
Fernandoizsa Created Aug 27, 2018 21:16:43

i suggest delete the command in the RADIUS server template view or in the HWTACACS Server template view. Double check that you are using the correct template.

If you can please share to us the HWTACACS configuration.

View more
  • x
  • convention:
Finn92
Finn92 Created Oct 17, 2018 03:40:19

hello sir
when you input the command , does it show below alarm ?
[~HUAWEI-hwtacacs-tac] undo hwtacas-server user-name domain-included
Error: Configuring devices in a RADIUS server group or TACACS server template bound to the admin domain to send user names without domain names brings security risks. Changing the mode to using the original user name is recommended.

if yes, the root casue is
In V800R008C00 and later versions, an HWTACACS template having the undo hwtacacs-server user-name domain-included configuration cannot be bound to the default admin domain or a domain having the adminuser-priority level configuration (configuration restoration is not affected).

solution :
Run the hwtacacs-server user-name original command to override the undo hwtacacs-server user-name domain-included configuration.
and remember commit configuration .


View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.