The user command sets a user, user group or security group as a matching condition.
The undo user command deletes the configuration.
user { user-name &<1-6> | user-group user-group-name &<1-6> | security-group security-group-name &<1-6> | any }
undo user { user-name &<1-6> | user-group user-group-name &<1-6> | security-group security-group-name &<1-6> | all }
| Parameter | Description | Value |
|---|---|---|
| user-name | Specifies the name of a user. |
The value must be the name of an existing user. When a user in a non-default authentication domain is specified, the user name must carry "@authentication-domain-name." For example, user1@test indicates user1 in the test authentication domain. |
| user-group-name | Specifies the name of a user group. |
The value must be the name of an existing user group. |
| security-group-name | Specifies the name of a security group. |
The value must be the name of an existing security group. |
| any | Indicates any user, user group or security group. |
- |
| all | Deletes all configurations that use user, user group or security group as a matching condition of a PBR rule. |
- |
The user, user group or security group of packets can be a matching condition of a PBR rule. Configure the users, user groups or security groups before referencing them in a PBR rule.
The users, user groups or security groups are logically ORed matching conditions. Packets matching either of them match the PBR rule. User-specific PBR takes effect only on authenticated users.