Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

show services user-identification active-directory-access user-group-mapping

 

Syntax

Release Information

Command introduced in Junos OS Release 12.1X47-D10.

Description

Display user-to-group mapping information used in the integrated user firewall feature. Note that the LDAP server is often part of the domain controller.

Options

  • group group-name—Display the users mapped to the specified group.

  • status—Display the status of the last query to the LDAP server for user-group mapping.

  • user name—Display the groups for the specified username.

  • domain name—(Optional) Display the group, status, or user information for the specified domain.

Required Privilege Level

view

List of Sample Output

show services user-identification active-directory-access user-group-mapping group domain

show services user-identification active-directory-access user-group-mapping status

show services user-identification active-directory-access user-group-mapping user

Output Fields

Table 1 lists the output fields for the show services user-identification active-directory-access user-group-mapping group command.

Table 1: show services user-identification active-directory-access user-group-mapping group Output Fields

Field Name

Field Description

Domain

Domain of the specified group.

Users

Usernames mapped to the specified group.

Table 2 lists the output fields for the show services user-identification active-directory-access user-group-mapping status command.

Table 2: show services user-identification active-directory-access user-group-mapping status Output Fields

Field Name

Field Description

Domain

Domain for which the status is displayed.

LDAP server

IP address of the LDAP server.

Port

Port number on the LDAP server.

Last-query-status

Status of the last query from the SRX Series device.

Last-query-time

Year-month-date:hour:minutes:seconds when the SRX device last queried the LDAP server.

Table 3 lists the output fields for the show services user-identification active-directory-access user-group-mapping user command.

Table 3: show services user-identification active-directory-access user-group-mapping user Output Fields

Field Name

Field Description

Domain controller

Domain controller about which the user information is displayed.

Groups

Groups to which the user belongs.

Referenced by policy

Groups to which the user belongs and that are referenced by a firewall policy.

Sample Output

show services user-identification active-directory-access user-group-mapping group domain

user@host> show services user-identification active-directory-access user-group-mapping group finance domain www.apac-acme.net

Sample Output

show services user-identification active-directory-access user-group-mapping status

user@host> show services user-identification active-directory-access user-group-mapping status

Sample Output

show services user-identification active-directory-access user-group-mapping user

user@host> show services user-identification active-directory-access user-group-mapping user user1