Справочное Руководство для 3com S7906E
1-9
Default Level
2: System level
Parameters
domain-name: ISP domain name, a case-insensitive string of 1 to 24 characters.
Description
Use the dot1x mandatory-domain command to specify the mandatory authentication domain for
users accessing the port.
Use the undo dot1x mandatory-domain command to remove the mandatory authentication domain.
By default, no mandatory authentication domain is specified.
Note that:
z
When authenticating an 802.1X user trying to access the port, the system selects an authentication
domain in the following order: the mandatory domain, the ISP domain specified in the username,
and the default ISP domain.
z
The specified mandatory authentication domain must exist.
z
On a port configured with a mandatory authentication domain, the user domain name displayed by
the display connection command is the name of the mandatory authentication domain. For
detailed information about the display connection command, refer to AAA Commands in the
Security Volume.
Related commands: display dot1x.
Examples
# Configure the mandatory authentication domain my-domain for 802.1X users on GigabitEthernet
2/0/1.
<Sysname> system-view
[Sysname] interface GigabitEthernet 2/0/1
[Sysname-GigabitEthernet2/0/1] dot1x mandatory-domain my-domain
# After 802.1X user usera passes the authentication, display the user connection information on
GigabitEthernet 2/0/1.
[Sysname-GigabitEthernet2/0/1] display connection interface GigabitEthernet 2/0/1
Index=68 ,Username=usera@my-domian
MAC=0015-e9a6-7cfe ,IP=3.3.3.3
Total 1 connection(s) matched.
dot1x max-user
Syntax
In system view:
dot1x max-user user-number [ interface interface-list ]
undo dot1x max-user [ interface interface-list ]
In Ethernet interface view:
dot1x max-user user-number