aaa query-user
aaa query-user <auth-server> <user-name> <mac-address>
Description
Troubleshoot an authentication failure by verifying that the user exists in the authentication server database. If the Admin-DN binds successfully but the wireless user fails to authenticate, issue this command to troubleshoot whether the problem is with the wireless network, the managed device, or the authentication server. The aaa query-user <auth_server> <username> <mac-address>
command to make the managed device sends a search query to find the user. If that search fails in spite of the user being in the server database, it is most probable that the base DN where the search was started was not correct. In such case, it is advisable to make the base DN at the root of the authentication server tree.
Parameter |
Description |
<auth-server> |
Name of a configured authentication server. |
<user-name> |
Name of a user whose authentication record you want to view. |
<mac-address> |
MAC address of the client. |
Example
The example below shows part of the output for an LDAP record for the username JDOE.
(host) [mynode] #aaa query-user eng JDOE
(host) [mynode] #objectClass: top
(host) [mynode] #objectClass: person
(host) [mynode] #objectClass: organizationalPerson
(host) [mynode] #objectClass: user
(host) [mynode] #cn: John Doe
(host) [mynode] #sn: Doe
(host) [mynode] #userCertificate: 0\202\005\2240\202\004|\240\003\002\001\002\002\012H\011\333K
(host) [mynode] #userCertificate: 0\202\005\2240\202\004|\240\003\002\001\002\002\012]\350\346F
(host) [mynode] #userCertificate: 0\202\005\2240\202\004|\240\003\002\001\002\002\012\023\001\017\240
(host) [mynode] #userCertificate: 0\202\005\2240\202\004|\240\003\002\001\002\002\012\031\224/\030
(host) [mynode] #userCertificate: 0\202\005~0\202\004f\240\003\002\001\002\002\012\031\223\246\022
(host) [mynode] #userCertificate: 0\202\005\2240\202\004|\240\003\002\001\002\002\012\037\177\374\305
(host) [mynode] #givenName: JDE
(host) [mynode] #distinguishedName: CN=John Doe,CN=Users,DC=eng,DC=net
(host) [mynode] #instanceType: 4
(host) [mynode] #whenCreated: 20060516232817.0Z
(host) [mynode] #whenChanged: 20081216223053.0Z
(host) [mynode] #displayName: John Doe
(host) [mynode] #uSNCreated: 24599
(host) [mynode] #memberOf: CN=Cert_Admins,CN=Users,DC=eng,DC=net
(host) [mynode] #memberOf: CN=ATAC,CN=Users,DC=eng,DC=net
(host) [mynode] #uSNChanged: 377560
(host) [mynode] #department: eng
(host) [mynode] #name: John Doe
...
Command History
Release |
Modification |
AOS 8.0.0.0 |
Command introduced. |
Command Information
Platforms |
License |
Command Mode |
All platforms |
Base operating system. |
Enable mode on Mobility Conductor. |