logical-domain-identity-management
Syntax
logical-domain-identity-management {
active {
authentication-entry-timeout minutes;
filter {
domain name;
exclude-ip {
address-book book-name;
address-set address-set;
}
include-ip {
address-book book-name;
address-set address-set;
}
}
invalid-authentication-entry-timeout minutes;
ip-query {
query-delay-time seconds;
}
query-server name {
batch-query {
items-per-batch items-per-batch;
query-interval seconds;
}
connection (Identity Management Advanced Query){
connect-method (http | https);
port port;
primary {
address address;
ca-certificate ca-certificate;
client-id client-id;
client-secret client-secret;
}
query-api query-api;
secondary {
address address;
ca-certificate ca-certificate;
client-id client-id;
client-secret client-secret;
}
token-api token-api;
}
}
}
traceoptions {
file <filename> <files files> <match match> <size size> <(world-readable | no-world-readable)>;
flag name;
level (all | error | info | notice | verbose | warning);
no-remote-trace;
}
}
Hierarchy Level
[edit services]
Description
CAUTION:
Enabling tracing can adversely impact scale and performance and may increase security risk. We strongly recommend using the trace, tracing, or traceoptions commands only under the guidance of a JTAC support engineer. After collecting the debug information, immediately disable tracing to minimize risk and restore normal system performance.
Specify the logical domain identity management configuration for both logical systems and tenant systems.
Options
| active | Displays the active mode for logical domain identity management module. |
| traceoptions | Displays the tracing options. |
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 19.3R1.