How do I determine how many user-hitting derivation rules I have?

Aruba Employee

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.

You have defined server groups and your users are being authenticated. You also have server derivation rules so that users can be sorted into roles when they authenticate successfully.

But you want to find out what rules you have and how many users are hitting them.

To show the server groups you have, issue this command:

(Arub3600) #show aaa server-group

Server Group List
-----------------
NameReferencesProfile Status
----------------------------
default29
internal1Predefined
sg-captiveportal1
sg-dot1x4
sg-dot1x-phones-office1
sg-dot1x-corpsite2203
sg-dot1x-corpsite3202
sg-dot1x-warehouse2
sg-guest0
sg-mgmt1

Total:10


To show how many servers, rules, and hits each server group has, issue this command:

(Aruba3600) #show aaa derivation-rules server-group

Server Groups
-------------
NameServersRuleshitsOut-of-service
----------------------------------
default100
internal110
sg-captiveportal310
sg-dot1x220
sg-dot1x-corpsite22022198
sg-dot1x-corpsite320200
sg-dot1x-warehouse200
sg-guest100
sg-mgmt110

To show how many individual rules were hit by the rules in the server group that you are interested in, issue this command:

(Aruba3600) #show aaa derivation-rules server-group corpsite220

Server Group
------------
NameInservicetrim-FQDNmatch-FQDN
--------------------------------
vortexYesNo
discoveryYesNo

Server Rule Table
-----------------
PriorityAttributeOperationOperandActionValueTotal HitsNew Hits
--------------------------------------------------------------
1Filter-Idcontainsemployeeset roleemployee9999
2Filter-Idcontainscontractset vlan649999

Rule Entries: 2

Version history
Revision #:
1 of 1
Last update:
‎07-04-2014 03:20 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: