show security policies unknown-source-identity

Syntax

Description

Display a list of any user or role that is referenced in a policy as a source-identity, but is not yet included in the role provisioning table.

The role provisioning table is created from the local authentication table, UAC authentication tables, and firewall authentication tables. The UAC and firewall authentication tables are dynamic and contain only those users currently authenticated. Because of this, a role can be listed as unknown because no user associated with the role has authenticated yet. There is no consequence if a role remains unknown.
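The following Python model is an added illustration, not Junos code or output. It shows how a role moves out of the unknown list once a user holding it authenticates. The policy and role names follow the sample described on this page; the table shapes, the user names alice and bob, and role r2 are assumptions constructed for the example.

```python
from collections import defaultdict


def provisioned_identities(local_auth, uac_auth, firewall_auth):
    """Union of users and roles from the three source tables.

    Assumed shape for each table: {user_name: set_of_roles}.
    """
    known = set()
    for table in (local_auth, uac_auth, firewall_auth):
        for user, roles in table.items():
            known.add(user)
            known.update(roles)
    return known


def unknown_source_identities(policies, known):
    """Group affected policies by zone pair and list unprovisioned identities."""
    report = defaultdict(dict)
    for policy in policies:
        missing = [i for i in policy["source_identity"] if i not in known]
        if missing:  # policies with no unknown identities are not listed
            zone_pair = (policy["from_zone"], policy["to_zone"])
            report[zone_pair][policy["name"]] = missing
    return dict(report)


# Constructed sample data (hypothetical representation of the configuration).
POLICIES = [
    {"name": "p1", "from_zone": "untrust", "to_zone": "trust",
     "source_identity": ["r1", "r2", "r3"]},
    {"name": "p2", "from_zone": "trust", "to_zone": "trust",
     "source_identity": ["role1", "abc"]},
]
LOCAL_AUTH = {"alice": {"r2"}}  # static local authentication table entry


def demo():
    """Return the unknown lists before and after a firewall authentication."""
    # Dynamic tables start empty: nobody has authenticated yet.
    before = unknown_source_identities(
        POLICIES, provisioned_identities(LOCAL_AUTH, {}, {}))
    # bob authenticates through firewall authentication and holds role r1.
    after = unknown_source_identities(
        POLICIES, provisioned_identities(LOCAL_AUTH, {}, {"bob": {"r1"}}))
    return before, after


if __name__ == "__main__":
    for label, result in zip(("before", "after"), demo()):
        print(label, result)
```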

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security policies unknown-source-identity command. Output fields are listed in the approximate order in which they appear.

Table 1: show security policies unknown-source-identity Output Fields

| Field Name | Field Description |
| --- | --- |
| From zone | Part of the zone pair that identifies the source of the traffic to which a policy applies. Affected policies are grouped by their zone pair. |
| To zone | Part of the zone pair that identifies the destination of the traffic to which a policy applies. Affected policies are grouped by their zone pair. |
| Policy | The name of the policy that contains the unknown source identity. |
| Unknown source identities | A list of user names and roles specified in the source-identity field of the named policy that are unknown. |

Sample Output

show security policies unknown-source-identity

In the following sample output, policy p1, which controls traffic from the untrust zone to the trust zone, specifies two roles, r1 and r3, that are not yet provisioned. Similarly, policy p2, which affects traffic from the trust zone to the trust zone, also contains two roles that are not provisioned, role1 and abc.

Release Information

Command introduced in Junos OS Release 12.1X45-D10.