Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    show services user-identification active-directory-access active-directory-authentication-table

    Syntax

    show services user-identification active-directory-access active-directory-authentication-table (all | group name | ip-address ip-address | user name<domain name> <node (node-id | all | local | primary)> <brief | extensive>

    Release Information

    Command introduced in Junos OS Release 12.1X47-D10.

    Description

    Display information about all entries in the Active Directory authentication table used in the integrated user firewall feature, or for a specific group, IP address or user.

    Options

    • all—Summary of the authentication entry information.
    • group group-name—Display the entries from the authentication table for the specified group.
    • ip-address ip-address—Display the entries from the authentication table for the specified IP address.
    • user name—Display the entries from the authentication table for the specified username.
    • domain name—(Optional) Display the summary, group, or user entries for the specified domain.
    • node—(Optional) For chassis cluster configurations, display the summary, IP address, or user entries for a specific node.
      • node-id—Identification number of the node. It can be 0 or 1.
      • all—Display information about all nodes.
      • local—Display information about the local node.
      • primary—Display information about the primary node.
    • brief | extensive—Display the specified level of output (the default is brief).

    Required Privilege Level

    view

     

    Related Documentation

     

    List of Sample Output

    show services user-identification active-directory-access active-directory-authentication-table ip-address <ip-address>
    show services user-identification active-directory-access active-directory-authentication-table all
    show services user-identification active-directory-access active-directory-authentication-table all domain
    show services user-identification active-directory-access active-directory-authentication-table all extensive

    Output Fields

    Table 1 lists the output fields for the show services user-identification active-directory-access active-directory-authentication-table all extensive command.

    Table 1: show services user-identification active-directory-access active-directory-authentication-table all extensive Output Fields

    Field Name

    Field Description

    Source IP

    IP address for user who is logged in through the domain controller.

    Username

    ID of the user who is logged in through the domain controller.

    Groups

    Groups to which the user is associated in the domain controller.

    State

    States include the following:

    Pending

    This IP address is being probed.

    Initial

    The authentication entry is only received from the WMIC daemon, not pushed to the Packet Forwarding Engine.

    Valid

    The authentication entry is pushed to the Packet Forwarding Engine.

    Invalid

    The PC probe failed.

    Access start date

    Date that the authentication entry was created.

    Access start time

    Time that the authentication entry was created.

    Age time

    Number of minutes after which the authentication entry will time out.

    Sample Output

    show services user-identification active-directory-access active-directory-authentication-table ip-address <ip-address>

    user@host> show services user-identification active-directory-access active-directory-authentication-table ip-address 192.0.2.3
    Domain: ad02.net
 Source-ip: 192.0.2.3
  Username: user1
      Groups:group1
  State: Valid
  Source: wmic
  Access start date: 2014-03-10
  Access start time: 13:59:56
  Age time: 1437

    Sample Output

    show services user-identification active-directory-access active-directory-authentication-table all

    user@host> show services user-identification active-directory-access active-directory-authentication-table all 
    Domain: www.engineering-example.net
Total count: 2
Source IP       Username      Groups          State   
 10.1.1.2         u2           r1, r3, r4      initial
 10.1.1.3         u3           r5, r6, r4      pending 

Domain: www.hr-example.net
Total count: 2
Source IP       Username      Groups          State   
 10.1.1.5         u4           r1, r3, r4      initial
 10.1.1.6         u5           r5, r6, r4      pending

    Sample Output

    show services user-identification active-directory-access active-directory-authentication-table all domain

    user@host> show services user-identification active-directory-access active-directory-authentication-table all domain www.mycompany-example.com
    Domain: www.mycompany-example.com
Total count: 2
Source IP       Username      Groups          State   
 10.1.1.2         u2          r1, r3, r4      initial
 10.1.1.3         u3          r5, r6, r4      pending

    Sample Output

    show services user-identification active-directory-access active-directory-authentication-table all extensive

    user@host> show services user-identification active-directory-access active-directory-authentication-table all extensive
    Domain: www.mycompany-example.com
Total entries: 2

Source IP: 10.1.1.2
Username: u2
Groups: r1, r3, r4
State: inital
Access start date: 2013-05-22
Access start time: 10:56:58
Age time: 20 min

Source IP: 10.1.1.3
Username: u3
Groups: r5, r6, r4
State: pending
Access start date: 2013-05-22
Access start time: 10:56:58
Age time: 20 min

Domain: www.hr-example.net
Total entries: 2

Source IP: 10.1.1.2
Username: u2
Groups: r1, r3, r4
State: inital
Access start date: 2013-05-22
Access start time: 10:56:58
Age time: 20 min

Source IP: 10.1.1.3
Username: u3
Groups: r5, r6, r4
State: pending
Access start date: 2013-05-22
Access start time: 10:56:58
Age time: 20

    Modified: 2016-07-19

    Previous Page Next Page