4.6.3. Target Users
In the simplest case, the
target user corresponds to the name of the login user on the target system.
However, in some application scenarios it is desirable to define the target user more flexibly or even to derive it from
the login user.
This can be quite a complex matter.
18.104.22.168. Login Users
login user object type defines a simple user that is exactly the same on the target system . This way smple accounts
like root, admin or guest can be easily covered.
As with many other objects, this can also be added when creating an existing group.
22.214.171.124. Regex Users
login user object type also defines a rather simple user, whereby here a (Perl) regular expression (PCRE) is
defined with which the target user is matched.
126.96.36.199. Mapping Users
Mapping users represent the most complex genre, which allows to convert the specified gateway username using regular expressions and so-called back-references, and then apply the converted result back to the specified target user in a regex.
The fields in detail:
- Gateway User match pattern
This field is used to match the content of the gateway’s username. Parentheses group the regex between them. They capture the text that the contained regex matches into a numbered group, which can then be reused with a numbered back-reference (see next field). This allow you to apply regex operators to the entire grouped regex.
This field is a kind of construction manual on how to reassemble the content extracted from the capture groups. With
$99the corresponding groups can be referenced according to their order.
- Target User Match
This field works in two steps. First, the
%translated%variable in this field is replaced with the result obtained from the first two fields. The result is inserted as a literal, i.e. all special regex characters are quoted accordingly. In a second step, the specified target username is compared using the regular expression specified in this field.
188.8.131.52. User Groups
This object can be used to create groups of the types mentioned above. These can be mixed in any way, but it is not allowed to chain groups.