show identity-management role

show identity-management role {role_name} {detail}

Description

Displays summary or detailed configuration information for one or all roles.

Syntax Description

role_name	Specifies a name of an existing role to display.
all	Specifies that all roles are to be displayed.

Default

N/A.

Usage Guidelines

None.

Example

The following command displays all roles that are configured on the switch:

* Switch.95 # show identity-management role
------------------------------------------------------------------
Role Name               Priority    Child Roles       # Identities
*authenticated          255                                 0
*unauthenticated        255                                 0
extr-empl               255         extr-engr               2
extr-engr               255                                 0
*whitelist              0                                   0
*blacklist              0                                   3
-------------------------------------------------------------------
Flags : * - Default Roles
-------------------------------------------------------------------
Total number of role(s) configured : 6

The following command displays detailed information for all roles that are configured on the switch:

* Switch.96 # show identity-management role detail
Role name : extr-empl
Child  Roles : engr
Match Criteria : "company==Extreme;"
Policies : extrPol
Identities : john_smith@d.com; MAC: 00:16:23:51:77:99; Port:8
bob_craig@e.com; MAC: 00:18:23:51:77:99; Port:9
Role name : engr
Child  Roles : india-engr
Match Criteria : "department==Engineering;"
Policies : engrPol, extrPol
Identities : joe_hardy@b.com; MAC: 00:12:23:51:77:99; Port:10
Role name : india-engr
Child  Roles : -
Match Criteria : "country=India; AND department=Engineering;"
Policies : indEngrPol, engrPol, extrPol
Identities : bill_jacob@b.com; MAC: 00:12:33:51:77:99; Port:11
Role name : marketing
Child  Roles : -
Match Criteria : "department=Marketing;"
Policies : markrPol, extrPol
Identities : will_smith@a.com; MAC: 00:11:33:51:77:99; Port:14
Role Name: whitelist (Default Role)
Child Roles : ---
Priority : 0
Match Criteria : "Not Applicable"
Policies : --
Identities # : 0
Identities : --
Role Name: blacklist(Default Role)
Child Roles : ---
Priority : 0
Match Criteria : "Not Applicable"
Policies : --
Identities # : 3
Identities : Unknown_00:11:22:33:44:55; MAC: 00:11:22:33:44:55; Port:1
johndoe@extremenetworks.com; MAC: 00:01:02:03:04:05; Port:2
janedoe@extremenetworks.com; MAC: 00:02:04:06:08:10; Port:3

The next two examples display detailed information for a single role:

* Switch.97 # show identity-management role extr-empl detail
Role name : extr-empl
Child  Roles : engr
Match Criteria : "company=Extreme;"
Policies : extrPol
Identities : johnsmith@extreme.com; MAC: 00:11:33:55:77:99; Port:4
bobcraig@extreme.com; MAC: 00:01:03:05:07:09; Port:5
* Switch.98 # show identity-management role NotAccessibleUser detail
Role name : NotAccessibleUser
Child  Roles : engr
Match Criteria : "UserName = adam; AND IP-Address == 1.2.3.0/24; AND port == 1;"
Policies : extrPol
Identities : adam; MAC: 00:00:11:22:33:44; Port: 1

History

This command was first available in ExtremeXOS 12.5.

MAC addresses were added to the displays for the detail option in ExtremeXOS 12.7.