[x]

General AAA commands > display domain

 

 Next

display domain

Use display domain to display ISP domain configuration.

Syntax

display domain [ isp-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

isp-name: Specifies an ISP domain by its name, a case-insensitive string of 1 to 255 characters. If you do not specify an ISP domain, this command displays the configuration of all ISP domains.

Examples

# Display the configuration of all ISP domains.

<Sysname> display domain
Total 2 domains

Domain: system
  State: Active
  Default authentication scheme:  Local
  Default authorization  scheme:  Local
  Default accounting     scheme:  Local
  Accounting start failure action: Online
  Accounting update failure action: Online
  Accounting quota out policy: Offline
  Service type: HSI
  Session time: Exclude idle time
  Dual-stack accounting method: Merge
  Authorization attributes:
    Idle cut: Disabled
    IGMP access number: 4
    MLD access number:  4

Domain: dm
  State: Active
  Login   authentication scheme:  RADIUS=rad
  Login   authorization  scheme:  HWTACACS=hw
  Super   authentication scheme:  RADIUS=rad
  Command authorization  scheme:  HWTACACS=hw
  Default authentication scheme:  RADIUS=rad, Local, None
  Default authorization  scheme:  Local
  Default accounting     scheme:  None
  Accounting start failure action: Online
  Accounting update failure action: Online
  Accounting quota out policy: Offline
  Service type: HSI
  Session time: Include idle time
  Dual-stack accounting method: Merge
  Authorization attributes:
    Idle cut : Disabled
    User group: ugg
    IGMP access number: 4
    MLD access number: 4

Default domain name: system

Table 1: Command output

Field

Description

Domain

ISP domain name.

State

Status of the ISP domain.

Default authentication scheme

Default authentication methods.

Default authorization scheme

Default authorization methods.

Default accounting scheme

Default accounting methods.

Login authentication scheme

Authentication methods for login users.

Login authorization scheme

Authorization methods for login users.

Login accounting scheme

Accounting methods for login users.

Super authentication scheme

Authentication methods for obtaining another user role without reconnecting to the device.

Command authorization scheme

Command line authorization methods.

Command accounting scheme

Command line accounting method.

RADIUS

RADIUS scheme.

HWTACACS

HWTACACS scheme.

LDAP

LDAP scheme.

Local

Local scheme.

None

No authentication, no authorization, or no accounting.

Accounting start failure action

This field is not supported in the current software version.

Access control for users that encounter accounting-start failures:

  • Online—Allows the users to stay online.

  • Offline—Logs off the users.

Accounting update failure max-times

This field is not supported in the current software version.

Maximum number of consecutive accounting-update failures allowed by the device for each user in the domain.

Accounting update failure action

This field is not supported in the current software version.

Access control for users that have failed all their accounting-update attempts:

  • Online—Allows the users to stay online.

  • Offline—Logs off the users.

Accounting quota out policy

This field is not supported in the current software version.

Access control for users that have used up their data quotas:

  • Online—Allows the users to stay online.

  • Offline—Logs off the users.

Service type

This field is not supported in the current software version.

Service type of the ISP domain, including HSI, STB, and VoIP.

Session time

Online duration sent to the server for users that went offline due to connection failure or malfunction:

  • Include idle time—The online duration includes the idle timeout period.

  • Exclude idle time—The online duration does not include the idle timeout period.

Dual-stack accounting method

This field is not supported in the current software version.

Accounting method for dual-stack users:

  • Merge—Merges IPv4 data with IPv6 data for accounting.

  • Separate—Separates IPv4 data from IPv6 data for accounting.

Authorization attributes

Authorization attributes for users in the ISP domain.

Idle cut

This field is not supported in the current software version.

Idle cut feature status:

  • Enabled—The feature is enabled. The device logs off users that do not meet the minimum traffic requirements in an idle timeout period.

  • Disabled—The feature is disabled. It is the default idle cut state.

User group

Authorization user group for users.

IGMP max access number

This field is not supported in the current software version.

Maximum number of IGMP groups that an IPv4 user is authorized to join concurrently.

MLD max access number

This field is not supported in the current software version.

Maximum number of MLD groups that an IPv6 user is authorized to join concurrently.

prev

 

up

 next

authorization-attribute (ISP domain view) 

home

 domain

© Copyright 2018 Hewlett Packard Enterprise Development LP