Displays summary or detailed configuration information for one or all roles.
role_name |
Specifies a name of an existing role to display. |
all |
Specifies that all roles are to be displayed. |
N/A.
None.
The following command displays all roles that are configured on the switch:
* Switch.95 # show identity-management role ------------------------------------------------------------------ Role Name Priority Child Roles # Identities *authenticated 255 0 *unauthenticated 255 0 extr-empl 255 extr-engr 2 extr-engr 255 0 *whitelist 0 0 *blacklist 0 3 ------------------------------------------------------------------- Flags : * - Default Roles ------------------------------------------------------------------- Total number of role(s) configured : 6
The following command displays detailed information for all roles that are configured on the switch:
* Switch.96 # show identity-management role detail Role name : extr-empl Child Roles : engr Match Criteria : "company==Extreme;" Policies : extrPol Identities : john_smith@d.com; MAC: 00:16:23:51:77:99; Port:8 bob_craig@e.com; MAC: 00:18:23:51:77:99; Port:9 Role name : engr Child Roles : india-engr Match Criteria : "department==Engineering;" Policies : engrPol, extrPol Identities : joe_hardy@b.com; MAC: 00:12:23:51:77:99; Port:10 Role name : india-engr Child Roles : - Match Criteria : "country=India; AND department=Engineering;" Policies : indEngrPol, engrPol, extrPol Identities : bill_jacob@b.com; MAC: 00:12:33:51:77:99; Port:11 Role name : marketing Child Roles : - Match Criteria : "department=Marketing;" Policies : markrPol, extrPol Identities : will_smith@a.com; MAC: 00:11:33:51:77:99; Port:14 Role Name: whitelist (Default Role) Child Roles : --- Priority : 0 Match Criteria : "Not Applicable" Policies : -- Identities # : 0 Identities : -- Role Name: blacklist(Default Role) Child Roles : --- Priority : 0 Match Criteria : "Not Applicable" Policies : -- Identities # : 3 Identities : Unknown_00:11:22:33:44:55; MAC: 00:11:22:33:44:55; Port:1 johndoe@extremenetworks.com; MAC: 00:01:02:03:04:05; Port:2 janedoe@extremenetworks.com; MAC: 00:02:04:06:08:10; Port:3
The next two examples display detailed information for a single role:
* Switch.97 # show identity-management role extr-empl detail Role name : extr-empl Child Roles : engr Match Criteria : "company=Extreme;" Policies : extrPol Identities : johnsmith@extreme.com; MAC: 00:11:33:55:77:99; Port:4 bobcraig@extreme.com; MAC: 00:01:03:05:07:09; Port:5 * Switch.98 # show identity-management role NotAccessibleUser detail Role name : NotAccessibleUser Child Roles : engr Match Criteria : "UserName = adam; AND IP-Address == 1.2.3.0/24; AND port == 1;" Policies : extrPol Identities : adam; MAC: 00:00:11:22:33:44; Port: 1
This command was first available in ExtremeXOS 12.5.
MAC addresses were added to the displays for the detail option in ExtremeXOS 12.7.