show services user-identification active-directory-access user-group-mapping
Syntax
show services user-identification active-directory-access user-group-mapping (group name | status | user name) domain name
Description
Display user-to-group mapping information used in the integrated user firewall feature. Note that the LDAP server is often part of the domain controller.
Options
group group-name—Display the users mapped to the specified group.status—Display the status of the last query to the LDAP server for user-group mapping.user name—Display the groups for the specified username.domain name—(Optional) Display the group, status, or user information for the specified domain.
Required Privilege Level
view
Output Fields
Table 1 lists the output fields for the show
services user-identification active-directory-access user-group-mapping
group command.
Field Name |
Field Description |
|---|---|
|
Domain of the specified group. |
|
Usernames mapped to the specified group. |
Table 2 lists the output fields
for the show services user-identification active-directory-access
user-group-mapping status command.
Field Name |
Field Description |
|---|---|
|
Domain for which the status is displayed. |
|
IP address of the LDAP server. |
|
Port number on the LDAP server. |
|
Status of the last query from the SRX Series Firewall. |
|
Year-month-date:hour:minutes:seconds when the SRX Series Firewall last queried the LDAP server. |
Table 3 lists the output fields for the show services user-identification active-directory-access user-group-mapping
user command.
Field Name |
Field Description |
|---|---|
|
Domain controller about which the user information is displayed. |
|
Groups to which the user belongs. |
|
Groups to which the user belongs and that are referenced by a firewall policy. |
Sample Output
show services user-identification active-directory-access user-group-mapping group domain
user@host> show services user-identification active-directory-access user-group-mapping group finance domain www.apac-acme.net show services user-identification active-directory-access user-group-mapping group finance-group Domain: example-domain.net Users: user1, user2 Domain: example2.domain.net Users: user3
Sample Output
show services user-identification active-directory-access user-group-mapping status
user@host> show services user-identification active-directory-access user-group-mapping status Domain: example-domain.net LDAP server Port Last-query-status Last-query-time 192.0.2.87 389 Query success 2014-02-07:15:50:52 Domain: example2.domain.net LDAP server Port Last-query-status Last-query-time 192.0.2.144 389 Idle 0
Sample Output
show services user-identification active-directory-access user-group-mapping user
user@host> show services user-identification active-directory-access user-group-mapping user user1 Domain example-domain.net Groups: Dev, NAT, SBU Referenced by policy: SBU Domain: example2.domain.net Groups: HR, USA
Release Information
Command introduced in Junos OS Release 12.1X47-D10.