The no-plug-in interface command sets the port used by the FW to receive mirrored AD authentication packets when AD SSO works in monitoring AD authentication packets mode.
The undo no-plug-in interface command cancels the setting.
| Parameter | Description | Value |
|---|---|---|
| interface-type interface-number | Specifies the port used to receive mirrored AD authentication packets. | Number of the Layer 2 port |
If authentication packets from users to the AD server do not pass through the FW, messages carrying authentication results must be mirrored to the FW. In this case, specify a port on the FW to receive mirroring packets.
This port must be an independent Layer 2 port and cannot be used for other services.
Management port (MEth 0/0/0 or GigabitEthernet 0/0/0) cannot receive mirroring packets.
The mirroring port receives only authentication packets and discards other types of packets.
# Specify GigabitEthernet 0/0/1 on the FW to receive mirrored AD authentication packets when AD SSO works in monitoring AD authentication packets mode.
<sysname> system-view [sysname] interface GigabitEthernet 0/0/1 [sysname-GigabitEthernet0/0/1] portswitch [sysname-GigabitEthernet0/0/1] quit [sysname] user-manage single-sign-on ad [sysname-sso-ad] no-plug-in interface GigabitEthernet 0/0/1