Home > Storage > PowerScale (Isilon) > Product Documentation > Management and Migration > PowerScale OneFS User Mapping: Mapping Identities Across Authentication Providers > Rule syntax and username format
You create rules with the command-line interface using the following syntax:
username1 operator username2 [options]
If you leave one of the fields in a rule empty, OneFS omits the field when it processes the rule. The exception is the operator: a rule must contain an operator.
You can name a user in four ways, as described in the following table.
Username format | Description |
DOMAIN\user | This format matches a user account in an Active Directory domain. |
Username | This format matches an identity’s UNIX account name. The UNIX account name can be in NIS, LDAP, the OneFS local provider, or the OneFS file provider. |
Empty string | An empty string can appear with the replace operator to remove the identity that the rule matches. An empty string must appear in double quotation marks without a space or other characters. |
Wildcard | You can replace the name of a domain, the name of an Active Directory account, and the name of a UNIX account with a wildcard, which you set with an asterisk (*). |
If a username contains a special character, such as a space, you must enclose it in double quotation marks, like this:
TEST_DOMAIN\"John Doe" => jdoe
Make sure you enclose only the username, not the domain, in double quotes.