< Home

Applying an AAA Scheme to a Domain

This section describes how to apply an AAA scheme to a domain using the merge method.

Table 1 Applying an AAA scheme to a domain

Operation

XPATH

edit-config:merge

/huawei-aaa:aaa/aaa-domain

Data Requirement

Table 2 Applying an AAA scheme to a domain

Item

Data

Description

Domain name

 domain1

Create a domain named domain1.

Name of an authentication scheme bound to the domain

 authen1

Bind the authentication scheme authen1 to the domain.

Name of an accounting scheme bound to the domain

 acc1

Bind the accounting scheme acc1 to the domain.

Name of a service scheme bound to the domain

 ser1

Bind the service scheme ser1 to the domain.
Whether to enable traffic statistics collection for domain users true Enable traffic statistics collection for domain users.

Request Example

<rpc message-id="10" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      <hw-aaa:aaa xmlns:hw-aaa="urn:huawei:params:xml:ns:yang:huawei-aaa">
        <hw-aaa:authentication-scheme>
          <hw-aaa:name>authen1</hw-aaa:name>
          <hw-aaa:vsys>public</hw-aaa:vsys>
          <hw-aaa:authentication-mode>radius</hw-aaa:authentication-mode>
        </hw-aaa:authentication-scheme>
        <hw-aaa:accounting-scheme>
          <hw-aaa:name>acc1</hw-aaa:name>
          <hw-aaa:vsys>public</hw-aaa:vsys>
          <hw-aaa:accounting-mode>radius</hw-aaa:accounting-mode>
        </hw-aaa:accounting-scheme>
        <hw-aaa:service-scheme>
          <hw-aaa:name>ser1</hw-aaa:name>
          <hw-aaa:vsys>public</hw-aaa:vsys>
        </hw-aaa:service-scheme>
        <hw-aaa:aaa-domain>
          <hw-aaa:name>domain1</hw-aaa:name>
          <hw-aaa:vsys>ads</hw-aaa:vsys>
          <hw-aaa:authentication-scheme>authen1</hw-aaa:authentication-scheme>
          <hw-aaa:accounting-scheme>acc1</hw-aaa:accounting-scheme>
          <hw-aaa:service-scheme>ser1</hw-aaa:service-scheme>
          <hw-aaa:statistics-enable>true</hw-aaa:statistics-enable>
        </hw-aaa:aaa-domain>
      </hw-aaa:aaa>
    </config>
  </edit-config>
</rpc>

Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="10">
  <ok/>
</rpc-reply>

Sample of failed response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="10">
 <rpc-error>
  <error-app-tag>-1</error-app-tag>
  <error-message>config/undo scheme failed</error-message>
  <error-info>Error on node /huawei-aaa:aaa/aaa-domain[name="domain1",vsys="ads"]/authentication-scheme</error-info>
 </rpc-error>
</rpc-reply>
Parent Topic: Configuring a Domain
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >