FAQ-ME60 AAA下用户名长度最长支持多少?

发布时间:  2013-08-30 浏览次数:  126 下载次数:  0
问题描述
Q:ME60 AAA下用户名长度最长支持多少?

设备类型:ME60
设备版本:V600R002/V600R005
处理过程

A:
配置253个字符的用户名(V6R5B00版本)
aaa
local-user 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 password cipher %$%$4IHvE;Fz;!3.fR+/pd<JYl2j%$%$
local-user 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 service-type ftp
local-user 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 level 3
local-user 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 state block fail-times 3 interval 5
local-user 1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 ftp-directory cfcard:

ftp登录设备,密码:!QAZ@WSX3edc

通过另一台设备登录,发现登录失败.




查看用户下线原因:
<ME60-109>display aaa online-fail-record
  -------------------------------------------------------------------
  User name          : 12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789
  Domain name        : default_admin
  User MAC           : -
  User access type   : ftp
  User IP address    : -
  User ID            : 278813
  User authen state  : Authened
  User acct state    : AcctIdle
  User author state  : AuthorIdle
  User login time    : 2010-08-21 17:20:41
  Online fail reason : LAM user does not exist   --- 本地用户不存在
  -------------------------------------------------------------------

查看设备本地用户配置,红色字体为输入的用户名:
[ME60-109]display local-user
  ----------------------------------------------------------------------------
  Username                         State  Type         CAR Access-limit Online
  ----------------------------------------------------------------------------
  1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123 Block  F            Dft    No             0
  12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789@default_admin Block  T            Dft    No             0
  hw@default_admin                 Block  F            Dft    No             0
  hw123                            Block  F            Dft    No             0
  ----------------------------------------------------------------------------
  Total 4,4 printed


打开aaa的debug开关查看:
Aug 21 2010 10:01:02.610.40 ME60-109 AAA/7/AAADBG:
  [AAA Debug]AAA_SeparateUserName:UserName:123456789012345678901234567890123456789012345678901234567890123456789012345678@default_admin; PureUserName:123456789012345678901234567890123456789012345678901234567890123456789012345678; DomainName:default_admin

实际输入用户名:
1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123
设备采用:
12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789@default_admin

配置用户名时,最大长度253是包括域名和分隔符@的,如果用户不带域名,则默认使用的是default_admin。

由于用户输入长度为253,不带域名设备会截取后加上默认域名作为整个用户名,所以解析后用户名没有配置就登录不上。

根因

N/A

解决方案

N/A

END