Alcatel-Lucent omniaccess User Manual

Chapter 9

The server rules are applied based on the first match principle. The first rule 
that is applicable for the server and the attribute returned will be applied to the 
user and would be the only rule applied from the server rules.

These rule will also be applied uniformly across all the authentication types 
that use the server as the primary authentication server.

Based on the filter-ID returned, users will be classified as admin, employee 
and guest. 

If none of the rules match, the role is set to the default role of the 
authentication type.

Condition

The condition specifies the match method using which the string 
in Value is matched with the attribute value returned by the AAA 
server. 

z

contains – the rule is applied if and only if the attribute value 
contains the string in parameter Value.

z

Starts-with – the rule is applied if and only if the attribute 
value returned starts with the string in parameter Value

z

Ends-with – the rule is applied if and only if the attribute value 
returned ends with the string in parameter Value

z

Equals - rule is applied if and only if the attribute value 
returned equals with the string in parameter Value

z

Not-equals - rule is applied if and only if the attribute value 
returned is not equal to the string in parameter Value

z

Value-of – This is a special condition. What this implies is that 
the role or VLAN is set to the value of the attribute returned. 
For this to be successful, the role and the VLAN ID returned 
as the value of the attribute selected must be already config-
ured on the switch when the rule gets applied.

Value

This specifies the value that the attribute must match along with 
the condition for the rule to be applied.

Role / 
VLAN

The role or the VLAN applied to the user when the rule is 
matched.

MS-Filter

EMP

employee

MS-Filter

ADMIN

Admin