Jump to content
Welcome to our new Citrix community!

Configure patset for AAA Authentication policy

Recommended Posts

I am triying to simplify the next expression:




Can I use patset or any other function to do this configuration?, I appreciate if somebody have made that


I tried to create this expression but did not work




Link to comment
Share on other sites

You need the aaa.user.is_member_of_any("<ps_grouplist>") where <ps_grouplist> is your patternset of the Groups you are matching on.

Likely will be a case-sensitive comparison.


The _Any operators evaluate across patternsets.  Group names will likely be case-sensitive on match (though I can't test to confirm). 

aaa.user has an additional unique operator for aaa.user.is_emembe_of_all("<ps_grouplist>") which is an AND condition instead of the usual _ANY which is an OR condition. As an FYI.


The aaa.user.groups operator isn't compatible in this situation for what you want as it is returning a group list and can't in turn be compared to a patternset.


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...