S2720, S5700, and S6700 V200R019C10 Configuration Guide - User Access and Authentication

This document describes the configurations of User Access and Authentication Configuration, including AAA, NAC, Policy Association, and Kerberos Snooping.

Forcing Users to Go Offline

Context

You can force online users to go offline by specifying the domain name or interface. This function is applicable to situations such as when the online users are unauthorized, the number of online users reaches the maximum, or the AAA configurations are modified. For example, when you modify the AAA configurations of online users, the new AAA configurations take effect on these users only after you force them to go offline.

If you delete the AAA configuration of online users, the users may be forced to go offline.

Procedure

Run the cut access-user { domain domain-name | interface interface-type interface-number [ vlan vlan-id [ qinq qinq-vlan-id ] ] | ip-address ip-address [ vpn-instance vpn-instance-name ] | mac-address mac-address | access-slot slot-id | user-id begin-number [ end-number ] | username user-name } or cut access-user access-type { admin [ ftp | ssh | telnet | terminal | web ] | ppp } [ username user-name ] command in the AAA view to disconnect one or more sessions. After a session of a user is disconnected, the user is forced to go offline.
Run the cut access-user ssid ssid-name (supported by S5720-HI, S5730-HI, S6720-HI, S5731-H, S5731S-H, S6730S-H, S5732-H, and S6730-H) command in the AAA view to disconnect one or more sessions based on SSIDs. After a session of a user is disconnected, the user is forced to go offline.
Run the cut access-user ucl-group { group-index | name group-name } command in the AAA view to force UCL group users offline.

Translation

Favorite

Download

Update Date：2023-03-02

Document ID：EDOC1100127063

Downloads：1264

Average rating：0.0Points

Related Version

Digital Signature File

digtal sigature tool