This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
aaa-user
The following operations can be performed on “aaa-user”:
lock | unbind | set | bind | unlock | rm | add | show |
lock aaa user
Locks a AAA user account for 24 hours unless it is explicitly unlocked by unlock aaa user ###Synopsis
lock aaa user
Arguments
userName Name of the AAA user account to lock.
unbind aaa user
Unbinds a policy from the specified user account.
Synopsis
unbind aaa user
Arguments
userName Name of the user account from which to unbind the policy.
policy Name of the policy to unbind.
type Bindpoint to which the policy is bound.
Possible values: REQUEST, UDP_REQUEST, DNS_REQUEST, ICMP_REQUEST Default value: REQUEST
intranetApplication Name of the intranet VPN application from which you are unbinding the policy.
urlName URL of the intranet application from which you are unbinding the policy.
intranetIP Intranet IP address of the application from which you are unbinding the policy.
netmask Subnet mask for the IP range in which the intranet application from which you are unbinding the policy resides. Required if the intranet application has multiple IP addresses bound to it. Not needed if the intranet application resides on a single IP address.
intranetIP6 IP6 address of the intranet application to which you are binding the policy.
numaddr Number of addresses for the IPv6 range in which the intranet application to which you are binding the policy resides. Required if the intranet application has multiple IPv6 addresses bound to it. Not needed if the intranet application resides on a single IP address. Minimum value: 1
Example
unbind AAA user joe -intranetip 10.102.1.123
set aaa user
Configures the password for an existing local AAA user account. This command prompts you for a new password. NOTE: AAA does not request confirmation of the new password, so you might want to test the new password before sending it to the user.
Synopsis
set aaa user
Arguments
userName Name of the local AAA user account.
password Password with which the user logs on. Required for any user account that does not exist on an external authentication server. If you are not using an external authentication server, all user accounts must have a password. If you are using an external authentication server, you must provide a password for local user accounts that do not exist on the authentication server.
Example
set aaa user johndoe password abcd The above command sets the password for johndoe to abcd
bind aaa user
Binds a policy to the specified user account.
Synopsis
bind aaa user
Arguments
userName User account to which to bind the policy.
policy Name for the policy that you are creating. Must begin with a letter, number, or the underscore character (_), and must consist only of letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at sign (@), equals (=), colon (:), and underscore characters. Cannot be changed after the policy is added.
The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my policy” or “my policy”).
priority Integer specifying the priority of the policy. A lower number indicates a higher priority. Policies are evaluated in the order of their priority numbers. Maximum value for default syntax policies is 2147483647 and for classic policies max priority is 64000. Minimum value: 0 Maximum value: 2147483647
type Bindpoint to which the policy is bound.
Possible values: REQUEST, UDP_REQUEST, DNS_REQUEST, ICMP_REQUEST Default value: REQUEST
intranetApplication Name of the intranet VPN application to which the policy applies.
urlName URL of the intranet application to which you are binding the policy.
intranetIP IP address of the intranet application to which you are binding the policy.
netmask Subnet mask for the IP range in which the intranet application to which you are binding the policy resides. Required if the intranet application has multiple IP addresses bound to it. Not needed if the intranet application resides on a single IP address.
gotoPriorityExpression Expression or other value specifying the next policy to evaluate if the current policy evaluates to TRUE. Specify one of the following values:
- NEXT - Evaluate the policy with the next higher priority number.
- END - End policy evaluation.
- USE_INVOCATION_RESULT - Applicable if this policy invokes another policy label. If the final goto in the invoked policy label has a value of END, the evaluation stops. If the final goto is anything other than END, the current policy label performs a NEXT.
- An expression that evaluates to a number. If you specify an expression, the number to which it evaluates determines the next policy to evaluate, as follows:
- If the expression evaluates to a higher numbered priority, the policy with that priority is evaluated next.
- If the expression evaluates to the priority of the current policy, the policy with the next higher numbered priority is evaluated next.
- If the expression evaluates to a number that is larger than the largest numbered priority, policy evaluation ends. An UNDEF event is triggered if:
- The expression is invalid.
- The expression evaluates to a priority number that is numerically lower than the current policy’s priority.
- The expression evaluates to a priority number that is between the current policy’s priority number (say, 30) and the highest priority number (say, 100), but does not match any configured priority number (for example, the expression evaluates to the number 85). This example assumes that the priority number increments by 10 for every successive policy, and therefore a priority number of 85 does not exist in the policy label.
intranetIP6 IP6 address of the intranet application to which you are binding the policy.
numaddr Number of addresses for the IPv6 range in which the intranet application to which you are binding the policy resides. Required if the intranet application has multiple IPv6 addresses bound to it. Not needed if the intranet application resides on a single IPv6 address. Minimum value: 1
Example
To bind intranetip to the user joe: bind aaa user joe -intranetip 10.102.1.123
unlock aaa user
Unlocks a AAA user account which has been locked earlier for exceeding login attempts.
Synopsis
unlock aaa user
Arguments
userName Name of the AAA user account to unlock.
rm aaa user
Removes a local AAA user account and the associated configuration.
Synopsis
rm aaa user
Arguments
userName Name of the AAA user account to remove.
add aaa user
Adds a local AAA user account and verifies the configuration to ensure that it is correct.
Synopsis
add aaa user
Arguments
userName Name for the user. Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after the user is added.
The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my aaa user” or “my aaa user”).
password Password with which the user logs on. Required for any user account that does not exist on an external authentication server. If you are not using an external authentication server, all user accounts must have a password. If you are using an external authentication server, you must provide a password for local user accounts that do not exist on the authentication server.
Example
add aaa user johndoe -password abcd add aaa user johndoe -password The above example adds user johndoe with password abcd for first case, password supplied on prompt for second case
show aaa user
Displays the current configuration of a AAA user account.
Synopsis
show aaa user [
Arguments
userName Name of the user who has the account.
loggedIn Show whether the user is logged in or not.
Output
groupName The group name
policy The policy Name.
priority Integer specifying the priority of the policy. A lower number indicates a higher priority. Policies are evaluated in the order of their priority numbers. Maximum value for default syntax policies is 2147483647 and for classic policies max priority is 64000.
intranetApplication Name of the intranet VPN application to which the policy applies.
urlName The intranet url.
actType intranetIP The Intranet IP bound to the user
netmask The netmask for the Intranet IP
intranetIP6 The Intranet IP6 bound to the user
numaddr Numbers of ipv6 address bound starting with intranetip6
policySubType stateflag password Password with which the user logs on. Required for any user account that does not exist on an external authentication server. If you are not using an external authentication server, all user accounts must have a password. If you are using an external authentication server, you must provide a password for local user accounts that do not exist on the authentication server.
gotoPriorityExpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.
type Bindpoint to which the policy is bound.
devno count
Example
Example
show aaa user joe UserName: joe IntranetIP: 10.102.1.123
Bound to groups:
GroupName: engg Done >
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.