Skip to main content
Command reference

security jit-privilege user show

Suggest changes
PDFs

Display JIT privilege of users

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The security jit-privilege user show displays just-in-time(JIT) privilege elevation entries.

Parameters

{ [-fields <fieldname>,…​]

This specifies the fields that need to be displayed.

| [-instance ] }

If this parameter is specified, the command displays information about all just-in-time privilege configuration.

[-vserver <vserver name>] - Vserver

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified Vserver.

[-username <text>] - Username

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified username.

[-application <text>] - Application

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified application.

[-role <text>] - Role Name

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified access-control role name.

[-session-validity-period <time_interval>] - Session Validity Period

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified session validity period.

[-jit-validity-period <time_interval>] - JIT Validity Period

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified just-in-time validity period.

[-start-time <MM/DD/YYYY HH:MM:SS>] - Start Time

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified start time.

[-end-time <MM/DD/YYYY HH:MM:SS>] - End Time

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified end time.

[-comment <text>] - Comment

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified comment text.

[-jit-status <text>] - Status

If this parameter is specified, the command displays information only about the just-in-time configuration that match the specified just-in-time status.

Examples

The following command displays the just-in-time entries configured.

cluster1::> security jit-privilege user show
                Vserver : cluster-1
                Username: jdoe
             Application: ssh
               Role Name: admin
 Session Validity Period: 1h0m0s
     JIT Validity Period: 1h0m0s
              Start Time: 4/17/2023 14:37:58
                End Time: 4/17/2023 15:37:58
                 Comment: JIT entry for jdoe
                  Status: active