security login show

Show user login methods

Availability: This command is available to cluster administrators at the admin privilege level.

Description

The security login show command displays the following information about user login methods:

Parameters

{ [-fields <fieldname>, ...]
If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.
| [-instance ]}
If you specify the -instance parameter, the command displays detailed information about all fields.
[-vserver <Vserver Name>] - Vserver
Displays the login methods that match the specified Vserver name.
[-user-or-group-name <text>] - User Name or Group Name
Displays the login methods that match this parameter value. Value can be a user name or Active Directory, LDAP, or NIS group name.
[-application <text>] - Application
Displays the login methods that match the specified application type. Possible values include console, http, ontapi, rsh, snmp, service-processor, ssh, and telnet.
[-authentication-method <text>] - Authentication Method
Displays the login methods that match the specified authentication method. Possible values include the following:
  • cert - SSL certificate authentication
  • community - SNMP community strings
  • domain - Active Directory authentication
  • nsswitch - LDAP or NIS authentication
  • password - Password
  • publickey - Public-key authentication
  • usm - SNMP user security model
[-role <text>] - Role Name
Displays the login methods that match the specified role.
[-is-account-locked {yes|no}] - Account Locked
Displays the login methods that match the specified account lock status.
[-comment <text>] - Comment Text
Displays the login methods that match the specified comment text.
[-is-ns-switch-group {yes|no}] - Whether Ns-switch Group
This specifies whether user-or-group-name is an LDAP or NIS group. Possible values are yes or no.
[-hash-function {sha512|sha256}] - Password Hash Function (privilege: advanced)
Displays the login methods that match the specified password-hashing algorithm. Possible values are:
  • sha512 - Secure hash algorithm (512 bits)
  • sha256 - Secure hash algorithm (256 bits)
  • md5 - Message digest algorithm (128 bits)

Examples

The example below illustrates how to display information about all user login methods:
cluster1::> security login show

Vserver: cluster1
                            Authentication              Acct   Is-Nsswitch
User/Group Name Application Method         Role Name    Locked Group
--------------- ----------- -------------- ------------ ------ -----------
admin           console     password       admin        no     no
admin           http        password       admin        no     no
admin           ontapi      password       admin        no     no
admin           service-processor
                            password       admin        no     no
admin           ssh         password       admin        no     no
autosupport     console     password       autosupport  no     no

Vserver: vs1.netapp.com
                            Authentication              Acct   Is-Nsswitch
User/Group Name Application Method         Role Name    Locked Group
--------------- ----------- -------------- ------------ ------ -----------
vsadmin         http        password       vsadmin      yes    no
vsadmin         ontapi      password       vsadmin      yes    no
vsadmin         ssh         password       vsadmin      yes    no
9 entries were displayed.