< Home

security-name-delimiter

Function

The security-name-delimiter command configures a delimiter for a security string.

The undo security-name-delimiter command restores the default delimiter for a security string.

By default, the delimiter for a security string in the AAA view is *, and no delimiter is available in the authentication profile view.

This command only applies to 802.1X users. If the CHAP or PAP authentication is configured for 802.1X users, the device removes the security string, but does not encapsulate it into the HW-SecurityStr attribute. If the EAP authentication is configured for 802.1X users, the device removes the security string and encapsulates it into the HW-SecurityStr attribute.

This function is supported only by S5730-HI, S5731-H, S5731S-H, S6730-H, S6730S-H, S5732-H, S6720-HI, and S5720-HI.

Format

security-name-delimiter delimiter

undo security-name-delimiter

Parameters

Parameter

Description

Value

delimiter

Specifies a delimiter for a security string.

The value is \ / : < > | @ ' % or *.

Views

AAA view, authentication profile view

Default Level

In the AAA view, the default level is management level.

In the authentication profile view, the default level is configuration level.

Usage Guidelines

Usage Scenario

Some STAs may use the user name in the format of username@domain*securitystring. * is the security string delimiter. To enable the AAA server to identify this type of user name, you need to configure a delimiter for a security string on the device. In this way, when sending the user name to the AAA server, the device deletes the *securitystring and only uses username@domain for authentication.

Precautions

When the command is executed in the AAA view, the configuration takes effect for all users. When the command is executed in the authentication profile, the configuration takes effect for only the users connected to this authentication profile.

The delimiter for a security string cannot be the same as the domain name delimiter.

If you run the security-name-delimiter command in the AAA view, the delimiter for a security string is configured globally.

When this command is executed in the authentication profile, the configuration takes effect only after the authentication profile is bound to a VAP profile.

Example

# Configure the delimiter for a security string as / in the AAA view.

<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] security-name-delimiter /
Parent Topic: AAA Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >