show identity-management role

show identity-management role {role_name} {detail}

Description

Displays summary or detailed configuration information for one or all roles.

Syntax Description

role_name

Specifies a name of an existing role to display.

all

Specifies that all roles are to be displayed.

Default

N/A.

Usage Guidelines

None.

Example

The following command displays all roles that are configured on the switch:

* Switch.95 # show identity-management role
------------------------------------------------------------------
Role Name               Priority    Child Roles       # Identities
*authenticated          255                                 0
*unauthenticated        255                                 0
extr-empl               255         extr-engr               2
extr-engr               255                                 0
*whitelist              0                                   0
*blacklist              0                                   3
-------------------------------------------------------------------
Flags : * - Default Roles
-------------------------------------------------------------------
Total number of role(s) configured : 6

The following command displays detailed information for all roles that are configured on the switch:

* Switch.96 # show identity-management role detail
Role name : extr-empl
Child  Roles : engr
Match Criteria : "company==Extreme;"
Policies : extrPol
Identities : john_smith@d.com; MAC: 00:16:23:51:77:99; Port:8
bob_craig@e.com; MAC: 00:18:23:51:77:99; Port:9
Role name : engr
Child  Roles : india-engr
Match Criteria : "department==Engineering;"
Policies : engrPol, extrPol
Identities : joe_hardy@b.com; MAC: 00:12:23:51:77:99; Port:10
Role name : india-engr
Child  Roles : -
Match Criteria : "country=India; AND department=Engineering;"
Policies : indEngrPol, engrPol, extrPol
Identities : bill_jacob@b.com; MAC: 00:12:33:51:77:99; Port:11
Role name : marketing
Child  Roles : -
Match Criteria : "department=Marketing;"
Policies : markrPol, extrPol
Identities : will_smith@a.com; MAC: 00:11:33:51:77:99; Port:14
Role Name: whitelist (Default Role)
Child Roles : ---
Priority : 0
Match Criteria : "Not Applicable"
Policies : --
Identities # : 0
Identities : --
Role Name: blacklist(Default Role)
Child Roles : ---
Priority : 0
Match Criteria : "Not Applicable"
Policies : --
Identities # : 3
Identities : Unknown_00:11:22:33:44:55; MAC: 00:11:22:33:44:55; Port:1
johndoe@extremenetworks.com; MAC: 00:01:02:03:04:05; Port:2
janedoe@extremenetworks.com; MAC: 00:02:04:06:08:10; Port:3

The next two examples display detailed information for a single role:

* Switch.97 # show identity-management role extr-empl detail
Role name : extr-empl
Child  Roles : engr
Match Criteria : "company=Extreme;"
Policies : extrPol
Identities : johnsmith@extreme.com; MAC: 00:11:33:55:77:99; Port:4
bobcraig@extreme.com; MAC: 00:01:03:05:07:09; Port:5
* Switch.98 # show identity-management role NotAccessibleUser detail
Role name : NotAccessibleUser
Child  Roles : engr
Match Criteria : "UserName = adam; AND IP-Address == 1.2.3.0/24; AND port == 1;"
Policies : extrPol
Identities : adam; MAC: 00:00:11:22:33:44; Port: 1

History

This command was first available in ExtremeXOS 12.5.

MAC addresses were added to the displays for the detail option in ExtremeXOS 12.7.

Platform Availability

This command is available on all Universal switches supported in this document.