Displays summary or detailed configuration information for one or all roles.
role_name |
Specifies a name of an existing role to display. |
all |
Specifies that all roles are to be displayed. |
N/A.
None.
The following command displays all roles that are configured on the switch:
* Switch.95 # show identity-management role ------------------------------------------------------------------ Role Name Priority Child Roles # Identities *authenticated 255 0 *unauthenticated 255 0 extr-empl 255 extr-engr 2 extr-engr 255 0 *whitelist 0 0 *blacklist 0 3 ------------------------------------------------------------------- Flags : * - Default Roles ------------------------------------------------------------------- Total number of role(s) configured : 6
The following command displays detailed information for all roles that are configured on the switch:
* Switch.96 # show identity-management role detail Role name : extr-empl Child Roles : engr Match Criteria : "company==Extreme;" Policies : extrPol Identities : john_smith@d.com; MAC: 00:16:23:51:77:99; Port:8 bob_craig@e.com; MAC: 00:18:23:51:77:99; Port:9 Role name : engr Child Roles : india-engr Match Criteria : "department==Engineering;" Policies : engrPol, extrPol Identities : joe_hardy@b.com; MAC: 00:12:23:51:77:99; Port:10 Role name : india-engr Child Roles : - Match Criteria : "country=India; AND department=Engineering;" Policies : indEngrPol, engrPol, extrPol Identities : bill_jacob@b.com; MAC: 00:12:33:51:77:99; Port:11 Role name : marketing Child Roles : - Match Criteria : "department=Marketing;" Policies : markrPol, extrPol Identities : will_smith@a.com; MAC: 00:11:33:51:77:99; Port:14 Role Name: whitelist (Default Role) Child Roles : --- Priority : 0 Match Criteria : "Not Applicable" Policies : -- Identities # : 0 Identities : -- Role Name: blacklist(Default Role) Child Roles : --- Priority : 0 Match Criteria : "Not Applicable" Policies : -- Identities # : 3 Identities : Unknown_00:11:22:33:44:55; MAC: 00:11:22:33:44:55; Port:1 johndoe@extremenetworks.com; MAC: 00:01:02:03:04:05; Port:2 janedoe@extremenetworks.com; MAC: 00:02:04:06:08:10; Port:3
The next two examples display detailed information for a single role:
* Switch.97 # show identity-management role extr-empl detail Role name : extr-empl Child Roles : engr Match Criteria : "company=Extreme;" Policies : extrPol Identities : johnsmith@extreme.com; MAC: 00:11:33:55:77:99; Port:4 bobcraig@extreme.com; MAC: 00:01:03:05:07:09; Port:5 * Switch.98 # show identity-management role NotAccessibleUser detail Role name : NotAccessibleUser Child Roles : engr Match Criteria : "UserName = adam; AND IP-Address == 1.2.3.0/24; AND port == 1;" Policies : extrPol Identities : adam; MAC: 00:00:11:22:33:44; Port: 1
This command was first available in ExtremeXOS 12.5.
MAC addresses were added to the displays for the detail option in ExtremeXOS 12.7.
This command is available on all Universal switches supported in this document.