< Home

import-override enable

Function

The import-override enable command allows the users or user groups imported from an authentication server to replace those with the same names on a local FW.

The undo import-override enable command prevents the users or user groups imported from an authentication server from replacing those with the same names on the local FW.

Format

import-override enable

undo import-override enable

Parameters

None

Views

Server import policy view

Default Level

2: Configuration level

Usage Guidelines

By default, the FW does not allow the users or user groups imported from an authentication server to replace those with the same names locally.

If you run the import-override enable command, the users or user groups imported from the authentication server replace those with the same names (if any) on the local FW. In addition, the subgroups of the same names are also replaced.

The replacement does not apply to the users or user groups created by an administrator, or to those imported from the CSV file.

User replacement starts as long as users with the same names exist on the FW despite their groups. Group replacement takes effect only on groups with the same paths, not affecting their subgroups.

If you run the undo import-override enable command, the system skips the users or user groups with the same names as those on the local FW and imports other users or user groups.

The import-override enable command applies only to the current import policy.

Example

# Allow the users or user groups from an authentication server to replace those with the same names on the local FW.

<sysname> system-view
[sysname] user-manage import-policy policy1 from ldap
[sysname-import-policy1] import-override enable
Parent Topic: User and Authentication Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >