Monitoring User Management and Authentication
This section describes how to manage online users, view the configuration of and statistics on user management and authentication, clear statistics, and debug the user management and authentication module.
Managing Online Users
Run the command listed in Table 1 in any view to display information about online users.
| Operation | Command |
|---|---|
Display information about online users. |
display user-manage online-user [ verbose ] [ group group-name | ipv4-range start-ipv4-address end-ipv4-address | ipv6-range start-ipv6-address end-ipv6-address | security-group security-group-name | user user-name ] display user-manage online-user type { external-user | local-user } [ verbose ] |
Run commands listed in Table 2 in the system view to manage online users.
| Operation | Command |
|---|---|
Forcibly log out an online user. |
user-manage cut online-user { group group-name | user user-name | ipv4 ipv4-address | ipv6 ipv6-address } |
Forcibly log out all online users. |
|
Lock out an online user. |
user-manage freeze online-user { ipv4 freeze-ipv4 | ipv6 freeze-ipv6 } freeze-time freeze-time |
Unlock an online user. |
undo user-manage freeze online-user { ipv4 freeze-ipv4 | ipv6 freeze-ipv6 } |
Enables the function of sending an alarm after the online user monitoring table usage reaches the threshold. |
firewall dynamic-resource used-up alarm online-user-table enable |
Displaying the Configuration and Statistics
Run commands listed in Table 3 in any view to display the configuration of and statistics on user management and authentication.
| Operation | Command |
|---|---|
Display the configuration of users. |
display user-manage user [ verbose ] [ name user-name | alias alias-name | bind [ ipv4 ipv4-address ] [ mac mac-address ] ] |
Display the configuration of user groups. |
display user-manage group [ verbose ] [ group-name ] |
Display the configuration of all the subgroups of a user group. |
display user-manage group group-name sub-group [ verbose ] |
Display the configuration of all the users of a user group. |
display user-manage group group-name user-member [ verbose ] |
Display the configuration of security groups. |
display user-manage security-group [ verbose ] [ security-group-name ] |
Display the configuration of the policy for importing user information from a server. |
display user-manage import-policy [ policy-name ] |
Display the configuration of AAA. |
|
Display the configuration of authentication schemes. |
display authentication-scheme [ scheme-name ] |
Display the configuration of a service scheme. |
display service-scheme [ name name ] |
Display the configuration of authentication domains. |
display domain [ name domain-name ] |
Display the configuration of and statistics on authentication policies. |
display auth-policy rule { all | name rule-name } |
Display the configuration of the global parameters. |
Clearing Statistics
Run commands listed in Table 4 in the user view to clear statistics on user management and authentication.
| Operation | Command |
|---|---|
Clear the matching counts of authentication policy rules. |
reset auth-policy counter { all | rule rule-name } |
Debugging User Management and Authentication
Run commands listed in Table 5 in the user view to debug the user management and authentication module.
| Operation | Command |
|---|---|
Debug authentication policy rules. |
debugging auth-policy { all | error | packet } |
Debug the AAA module. |
debugging aaa { message [ detail ] | error | event | info | all } |
Debug the CM module. |
debugging cm [ all | backup | event | message | error | state | sync | timer ] |
Debug the TM module. |
debugging tm [ all | event | message | error | sync | timer ] |
To debug AAA or CM module in the virtual system, run terminal monitor and terminal debugging in the user view of the public system and then the corresponding debugging command in the virtual system. The public system will display the debugging information.