security login show

Description​

The security login show command displays the following information about user login methods:

• User name
• Application (console, http, ontapi, rsh, snmp, service-processor, ssh, or telnet)
• Authentication method (community, password, publickey, or usm)
• Role name
• Whether the account is locked
• Whether the user name refers to nsswitch group
• Password hash function

Parameters​

{ [-fields <fieldname>, ...]

If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

| [-instance ]}

If you specify the -instance parameter, the command displays detailed information about all fields.

[-vserver <Vserver Name>] - Vserver

Displays the login methods that match the specified Vserver name.

[-user-or-group-name <text>] - User Name or Group Name

Displays the login methods that match this parameter value. Value can be a user name or Active Directory, LDAP, or NIS group name.

[-application <text>] - Application

Displays the login methods that match the specified application type. Possible values include console, http, ontapi, rsh, snmp, service-processor, ssh, and telnet.

[-authentication-method <text>] - Authentication Method

Displays the login methods that match the specified authentication method. Possible values include the following:

• cert - SSL certificate authentication
• community - SNMP community strings
• domain - Active Directory authentication
• nsswitch - LDAP or NIS authentication
• password - Password
• publickey - Public-key authentication
• usm - SNMP user security model
• saml - SAML authentication

[-remote-switch-ipaddress <IP Address>] - Remote Switch IP Address

Displays the login methods that match the specified IP address of the remote switch. The remote switch could be a cluster switch monitored by cluster switch health monitor (CSHM) or a Fibre Channel (FC) switch monitored by MetroCluster health monitor (MCC-HM). This parameter is applicable only when the application is snmp and authentication method is usm (SNMP user security model).

[-role <text>] - Role Name

Displays the login methods that match the specified role.

[-is-account-locked {yes|no}] - Account Locked

Displays the login methods that match the specified account lock status.

[-comment <text>] - Comment Text

Displays the login methods that match the specified comment text.

[-is-ns-switch-group {yes|no}] - Whether Ns-switch Group

This specifies whether user-or-group-name is an LDAP or NIS group. Possible values are yes or no.

[-hash-function {sha512|sha256}] - Password Hash Function (privilege: advanced)

Displays the login methods that match the specified password-hashing algorithm. Possible values are:

• sha512 - Secure hash algorithm (512 bits)
• sha256 - Secure hash algorithm (256 bits)
• md5 - Message digest algorithm (128 bits)

[-second-authentication-method {none|publickey|password|nsswitch}] - Second Authentication Method2

Displays the login methods that match the specified authentication method to be used as the second factor. Possible values include the following:

• password - Password
• publickey - Public-key authentication
• nsswitch - NIS or LDAP authentication
• none - default value