The user-filter command configures the filtering condition for importing users from an authentication server.
The undo user-filter command restores the default filtering condition.
| Parameter | Description | Value |
|---|---|---|
| user-filter | Specifies the filtering condition of a user. The parameter is in regular expression. | If the filtering condition does not contain any space, its length ranges from 1 to 256. If the filtering condition contains spaces, its length ranges from 3 to 258, and you must enclose the parameter with double quotation marks (") and ensure that the filtering condition does not start or end with a space. The default value is recommended. |
The authentication server searches users based on the filtering condition. The users who match the filtering condition are imported to the device.
The default filtering condition for importing users from an AD or AD LDAP server is (&(|(objectclass=person)(objectclass=organizationalPerson))(cn=*)(!(objectclass=computer))). The default filtering condition for importing users from an Open LDAP server is (&(|(objectclass=person)(objectclass=organizationalPerson))(cn=*)), because servers of this type do not have objects of the computer type. The default filtering condition for importing users from a Sun ONE LDAP server is (&(|(objectclass=person)(objectclass=organizationalPerson))(uid=*)). You are advised to keep the default values.