You are here: Home > CLI Commands > Just_CLI_Topics > show rights

show rights

show rights [<name-of-a-role>]

Description

Displays the list of user roles in the roles table with high level details of role policies. To view role policies of a specific role specify the role name.

Syntax

Parameter

Description

name-of-a-role

Enter the role name to view its policy details.

Example

The output of this command shows the list of roles in the role table.

(host) [mynode]# show rights

 

RoleTable

---------

Name ACL Bandwidth ACL List Type

---- --- --------- -------- ----

ap-role 4 Up: No Limit,Dn: No Limit control/,ap-acl/ System

authenticated 39 Up: No Limit,Dn: No Limit allowall/,v6-allowall/ User

default-vpn-role 37 Up: No Limit,Dn: No Limit allowall/,v6-allowall/ User

guest 3 Up: No Limit,Dn: No Limit http-acl/,https-acl/,dhcp-acl/ User

guest-logon 6 Up: No Limit,Dn: No Limit logon-control/,captiveportal/ User

logon 1 Up: No Limit,Dn: No Limit logon-control/,captiveportal/ User

stateful-dot1x 5 Up: No Limit,Dn: No Limit System

voice 38 Up: No Limit,Dn: No Limit sip-acl/,noe-acl/,svp-acl/,vocera-acl/ User

The following output displays the ACEAccess Control Entry. ACE is an element in an ACL that includes access control information. entries of role based ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. in IPv6 Split-Tunnel forwarding mode in Remote APsRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.:

(host) [mynode] #show rights split

split -----

Priority Source Destination Service Application Action TimeRange Log -------- ------ ----------- ------- ----------- ------ --------- --- 1 any any svc-dhcp permit 2 any any svc-dns permit 3 user fe80::/16 any-v6 permit 4 fe80::/16 user any-v6 permit 5 any any any-v6 route src-nat 6 any any svc-v6-dhcp permit

 

Expired Queue TOS 8021P Blacklist Mirror DisScan IPv4/6 Contract ------- ----- --- ----- --------- ------ ------- ------ -------- Low 4 Low 4 Low 4 Low 4 Low 4 Low 6

 

Expired Policies (due to time constraints) = 0

Command History

Release

Modification

ArubaOS 8.4.0.0

The output of the show rights <name-of-a-role> command displays the IPv6 ACEAccess Control Entry. ACE is an element in an ACL that includes access control information. entries of role-based ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. in Split-Tunnel forwarding mode.

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

Licensing

Command Mode

All platforms

Base operating system.

Available in Enable and Config modes on Mobility Master and managed devices.

/*]]>*/