3Com Switch 7750 Series
Command Reference Guide – AAA, RADIUS, HWTACACS, EAD
Chapter 1 AAA & RADIUS & HWTACACS
Configuration Commands
1-72
Parameter
with-domain
: Specifies to send the username with a domain name to the TACACS
server.
without-domain
: Specifies to send the username without any domain name to the
TACACS server.
Description
Use the
user-name-format
command to configure the username format sent to the
TACACS server.
By default, an HWTACACS scheme acknowledges that the username sent to it
includes an ISP domain name.
Note that:
z
The supplicants are generally named in userid@isp-name format. The part
following the @ sign is the ISP domain name, according to which the switch
assigns a user to the corresponding ISP domain. However, some earlier TACACS
servers reject the user name including an ISP domain name. In this case, the user
name is sent to the TACACS server after its domain name is removed.
Accordingly, the switch provides this command to decide whether the username
sent to the TACACS server carries an ISP domain name or not.
z
If a HWTACACS scheme is configured to reject usernames including ISP domain
names, the TACACS scheme shall not be simultaneously used in more than one
ISP domains. Otherwise, the TACACS server will regard two users in different ISP
domains as the same user by mistake, if they have the same username.
(excluding their respective domain names.)
Related command:
hwtacacs scheme
.
Example
# Specify to send the username without any domain name to the HWTACACS scheme
"test1".
<3Com> system-view
System View: return to User View with Ctrl+Z.
[3Com] hwtacacs scheme test1
[3Com-hwtacacs-
test1
] user-name-format without-domain