Question: What is the use of "aaa user delete" command option?
Product and Software: This article applies to all Aruba Product and Software
There are seven different ways we can use "aaa user delete" command and below explain each command use.
This command is to delete the users from the controller user-table "show user-table"
Above we need to notice few details:
1. IP < This is user IP address
2. MAC < This is user mac address
3. NAME < This is name using which user got authenticated
4. ROLE < Here you can check which role user before/after authentication
5. AP Name < This AP user is associated
1. "aaa user delete <ip-addr>" If we need to delete specific user IP address from the user-table; we use this command.
2. "aaa user delete mac <client-mac>" This command we can use to delete the client mac address from the user-table
Now it looks like both these command does achieve the same thing but "aaa user delete mac <mac-addr>" is one step ahead.
Sometimes we see same mac address user in user-table with two different IP Address (mostly with handheld devices, as they have pre-configured addresses), that time this command will delete both entries.
3. "aaa user delete role <user-role>" This command will delete all the users in specific role.
4. "aaa user delete name <user-name>" This command will delete user with specific name.
5. "aaa user delete all" If we need to delete all the user from the user-table; we use this command.
CAUTION: Using this command will disconnect all the users from the user-table and if you have VPN devices i.e. RAP and VIA they will get bootstrap/disconnected too.
Do not use this command in production network.
6. "aaa user delete ap-ip-addr <ip-addr>" This command has three options
From this AP IP-address we can delete user with IP address, MAC and ALL the user for that AP.
7. "aaa user delete ap-name <ap-name>" This command has three options
From this we can delete user with IP address, MAC and ALL using particular ap-name.