Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

show services user-identification device-information table

 

Syntax

Release Information

Statement introduced in Junos OS Release 15.1X49-D70.

logical-system, tenant, all-logical-systems-tenants, and root-logical-system options are introduced in Junos OS Release 20.4R1.

Description

Display the contents of the device identity authentication table. The device identity authentication table includes entries for authenticated devices whose information is obtained from external authentication sources. A device identity entry contains the device’s IP address, the device ID, and a list of groups that the device belongs to. It also contains attributes that are configured in the device identity profile—for example, the type of device, the vendor, and the operating system that is running on the device and its version.

The device identity authentication table is separate from the Active Directory authentication table or any other local authentication table that is used for Junos OS features, or for specific third-party authentication sources. Also, unlike local user authentication tables, which are specific to an authentication source, the device identity authentication table holds device identity information for devices authenticated by different sources.

Only one authentication source, such as Active Directory, can be active at a time. A result of this requirement is that there is less demand on the system to process information.

Options

allDisplay information for all authenticated devices with entries in the table.
device-idDisplay information for the authenticated device whose device ID is specified.
ip-addressDisplay information for the authenticated device whose IP address is specified.
briefDisplay terse information for the entries in the device identity authentication table entries. You can specify brief as a keyword to the parameters all and device-id.
domain Display the name of domain and information for all authenticated devices that belong to the domain. You can specify domain as a keyword to the parameters all and device-id.
extensiveDisplay extensive information for all of the authenticated devices for which there are table entries. It displays the domain name, the IP address of the device, the device’s ID, the device category and vendor, the device type, and the operating system running on the device and its version.
logical-system Display information for the authenticated devices which belong to the specified logical system.
tenantDisplay information for the authenticated devices which belong to the specified tenant system.
all-logical-systems-tenantsDisplay information for the authenticated devices all logical systems and tenant systems.
root-logical-systemDisplay information for the authenticated devices which belong to the root logical system.

Required Privilege Level

view

Related Documentation

Output Fields

Table 1: show services user-identification device-information table Output Fields

Field Name

Field Description

Domain name

The name of the domain to which the devices belong.

Note: For each authenticated device, the following information is displayed when the parameter all is specified after table and it is modified by the keyword extensive.

Source IP address

The IP address of the device.

Device ID

The ID assigned to the device.

Device-Groups

The groups to which the device belongs.

device-category

The kind of device. For example, the device might be a laptop. You configured this value as part of the device identity profile.

device-vendor

The maker of the device. For example, the device vendor might be Lenovo.

device-type

The device type. If this device is a laptop made by Lenovo, it might be of type thinkpad-t430.

device-os

The operating system that is running on the device. The operating system might be Windows.

device-os-version

The version of the operating system running on the device. For example, for Windows, this might be 7.1.

Location1

The location where the device is being used. The location might be specified as United States.

Referred by

The security policy that refers to the device in its source-end-user-profile field. The source-end-user-profile that you configure might pertain to a group of devices or a single device.

Sample Output

show services user-identification device-information table

user@host> show services user-identification device-information table all extensive
user@host> show services user-identification device-information table all

show services user-identification device-information table all extensive

user@host> show services user-identification device-information table all extensive

show services user-identification device-information table all

user@host> show services user-identification device-information table all

Sample Output

show services user-identification device-information table all domain example.net extensive tenant tn1

user@host> show services user-identification device-information table all domain example.net extensive tenant tn1

show services user-identification device-information end-user-profile address profile-name eup2 tenant tn1

user@host> show services user-identification device-information end-user-profile address profile-name eup2 tenant tn1

show services user-identification device-information end-user-profile address ip-start 10.0.0.0 ip-end 20.255.255.255 tenant tn1

user@host> show services user-identification device-information end-user-profile address ip-start 10.0.0.0 ip-end 20.255.255.255 tenant tn1

show services user-identification device-information end-user-profile address tenant tn1

user@host> show services user-identification device-information end-user-profile address tenant tn1