Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

show security policies unknown-source-identity

Syntax

Description

Display a list of any user or role that is referenced in a policy as a source-identity, but is not yet included in the role provisioning table.

The role provisioning table is created from the local authentication table, UAC authentication tables, and user-identification authentication tables. The UAC and user-identification authentication tables are dynamic and contain only those users currently authenticated. Because of this, a role can be listed as unknown because no user associated with the role has authenticated yet. There is no consequence if a role remains unknown.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security policies unknown-source-identity command. Output fields are listed in the approximate order in which they appear.

Table 1: show security policies unknown-source-identity Output Fields

Field Name

Field Description

From zone

Part of the zone pair that identifies the source of the traffic to which a policy applies. Affected policies are grouped by their zone pair.

To zone

Part of the zone pair that identifies the destination of the traffic to which a policy applies. Affected policies are grouped by their zone pair.

Policy

The name of the policy that contains the unknown source identity.

Unknown source identities

A list of user names and roles specified in the source-identity field of the named policy that are unknown.

Sample Output

show security policies unknown-source-identity

In the following sample output, policy p1 which controls traffic from the untrust zone to the trust zone specifies two roles, r1 and r3, that are not yet provisioned. Similarly, policy p2 affecting traffic from the trust zone to the trust zone also contains two roles that are not provisioned, role1 and abc.

Release Information

Command introduced in Junos OS Release 12.1X45-D10.