show services user-identification device-information table
Syntax
Release Information
Statement introduced in Junos OS Release 15.1X49-D70.
logical-system, tenant, all-logical-systems-tenants, and root-logical-system options are introduced in Junos OS Release 20.4R1.
Description
Display the contents of the device identity authentication table. The device identity authentication table includes entries for authenticated devices whose information is obtained from external authentication sources. A device identity entry contains the device’s IP address, the device ID, and a list of groups that the device belongs to. It also contains attributes that are configured in the device identity profile—for example, the type of device, the vendor, and the operating system that is running on the device and its version.
The device identity authentication table is separate from the Active Directory authentication table or any other local authentication table that is used for Junos OS features, or for specific third-party authentication sources. Also, unlike local user authentication tables, which are specific to an authentication source, the device identity authentication table holds device identity information for devices authenticated by different sources.
Only one authentication source, such as Active Directory, can be active at a time. A result of this requirement is that there is less demand on the system to process information.
Options
Required Privilege Level
view
Related Documentation
Output Fields
Table 1: show services user-identification device-information table Output Fields
Field Name | Field Description |
---|---|
Domain name | The name of the domain to which the devices belong. |
Note: For each authenticated device, the following information is displayed when the parameter all is specified after table and it is modified by the keyword extensive. | |
Source IP address | The IP address of the device. |
Device ID | The ID assigned to the device. |
Device-Groups | The groups to which the device belongs. |
device-category | The kind of device. For example, the device might be a laptop. You configured this value as part of the device identity profile. |
device-vendor | The maker of the device. For example, the device vendor might be Lenovo. |
device-type | The device type. If this device is a laptop made by Lenovo, it might be of type thinkpad-t430. |
device-os | The operating system that is running on the device. The operating system might be Windows. |
device-os-version | The version of the operating system running on the device. For example, for Windows, this might be 7.1. |
Location1 | The location where the device is being used. The location might be specified as United States. |
Referred by | The security policy that refers to the device in its source-end-user-profile field. The source-end-user-profile that you configure might pertain to a group of devices or a single device. |
Sample Output
show services user-identification device-information table
user@host> show services user-identification
device-information table all extensive
Domain: example.net Total entries: 3 Source IP:192.0.2.11 Device ID: dev01 Device-Groups: device_group01, device_group02, device_group03, device_group04, device_group05 device-category: laptop device-vendor: lenovo device-type: thinkpad-t430 device-os: windows device-os-version: 7.1 Location1: us1 Referred by: My-pf_0 Source IP: 192.0.2.12 Device ID: dev02 Device-Groups: device_group06, device_group07, device_group08, device_group09, device_group10 device-category: laptop device-vendor: lenovo device-type: thinkpad-t430 device-os: windows device-os-version: 7.1 Location1: us1 Referred by: My-pf_0 Source IP: 192.0.2.14 Device ID: dev03 Device-Groups: device_group01, device_group02, device_group03, device_group04, device_group05 device-category: laptop device-vendor: lenovo device-type: thinkpad-t430 device-os: windows device-os-version: 7.1 Location1: us1 Referred by: My-pf_0
user@host> show services user-identification
device-information table all
Domain: example.net Total entries: 1 Source IP Device ID Device-Groups 2001:db8::1:1 dev04 device-group08
show services user-identification device-information table all extensive
user@host> show services user-identification
device-information table all extensive
Domain: jims-dom1.local Total entries: 1 Source IP: 2001:db8:4136:e378:8000:63bf:3fff:fdd2 Device ID: win-test$ Device-Groups: dev, pre-windows 2000 compatible access, cert publishers, denied rodc password replication group device-os: windows server 2012 r2 standard evaluation device-os-version: 6.3 (9600) Referred by: p1
show services user-identification device-information table all
user@host> show services user-identification
device-information table all
example.net Total entries: 1 Source IP Device ID Device-Groups 2001:db8:4136:e378:8000:63bf:3fff:fdd2 dev04 device-group08
Sample Output
show services user-identification device-information table all domain example.net extensive tenant tn1
user@host> show services user-identification
device-information table all domain example.net extensive tenant tn1
Domain: example.net Total entries: 1 Source IP: 1.1.1.2 Device ID: abewu-T430 Device-Groups: CNRD, DEV Referred by: profile1, profile2 device-category:laptop device-vendor:Lenovo device-type:ThinkPad T430 device-os:Windows device-os-version:7.1
show services user-identification device-information end-user-profile address profile-name eup2 tenant tn1
user@host> show services user-identification
device-information end-user-profile address profile-name eup2 tenant
tn1
Total IP addresses: 2 10.20.30.40 11.21.31.41
show services user-identification device-information end-user-profile address ip-start 10.0.0.0 ip-end 20.255.255.255 tenant tn1
user@host> show services user-identification
device-information end-user-profile address ip-start 10.0.0.0 ip-end
20.255.255.255 tenant tn1
Total IP addresses: 2 Total IP-end-user-profile mappings: 4 Address: 10.20.30.40 End-user-profile: eup1(1), eup2(2) Address: 11.21.31.41 End-user-profile: eup2(2), eup3(3)
show services user-identification device-information end-user-profile address tenant tn1
user@host> show services user-identification
device-information end-user-profile address tenant tn1
Total IP addresses: 2 Total IP-end-user-profile mappings: 4 End-user-profile: eup1(1) 10.20.30.40 End-user-profile: eup2(2) 10.20.30.40 11.21.31.41 End-user-profile: eup3(3) 11.21.31.41