show security policies unknown-source-identity

Syntax

Description

Display a list of any user or role that is referenced in a policy as a source-identity, but is not yet included in the role provisioning table.

The role provisioning table is created from the local authentication table, UAC authentication tables, and user-identification authentication tables. The UAC and user-identification authentication tables are dynamic and contain only those users currently authenticated. Because of this, a role can be listed as unknown because no user associated with the role has authenticated yet. There is no consequence if a role remains unknown.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security policies unknown-source-identity command. Output fields are listed in the approximate order in which they appear.

Table 1: show security policies unknown-source-identity Output Fields
Field Name	Field Description
`From zone`	Part of the zone pair that identifies the source of the traffic to which a policy applies. Affected policies are grouped by their zone pair.
`To zone`	Part of the zone pair that identifies the destination of the traffic to which a policy applies. Affected policies are grouped by their zone pair.
`Policy`	The name of the policy that contains the unknown source identity.
Unknown source identities	A list of user names and roles specified in the source-identity field of the named policy that are unknown.

Sample Output