security firewall user-domain
security firewall user-domain(1) BIG-IP TMSH Manual security firewall user-domain(1)
NAME
user-domain - Configures a user-domain for use by firewall rules.
MODULE
security firewall
SYNTAX
CREATE/MODIFY
create user-domain [name]
modify user-domain [[name] | all]
options:
domain string
ifmap-service [add | delete | modify | replace-all-with] {
[ip]
[port]
[login]
[password]
}
app-service [name]
description [string]
edit user-domain [[name] | all]
options:
all-properties
non-default-properties
DISPLAY
list user-domain [[name] | all | [property]]
show running-config user-domain [[name] | all | [property]]
DELETE
delete user-domain [[name] | all]
RUN
run user-domain [[name] | all] clear-cache
DESCRIPTION
A user-domain object holds attributes to reach services that provide more information about a user. This
information includes the domain for which the service is defined, the identity service that can be used to
validate this user and the ifmap service that can be used to obtain more information about the user. User
domains also have associated cache data which is utilized by user identity feature for performance
improvements. You can use the user-domain component to define reusable configuration that is used to learn
about more users used in the firewall rules or clear their associated cache data on demand.
EXAMPLES
create user-domain gladiators identity-server add { felix-legions { ip 1.1.1.1 login maximus password meridius
port 10002 } }
Creates a new user-domain object that defines a new identity-server for domain gladiators with an identity
service felix-legions
modify user-domain gladiators ifmap-server add { rome { ip 10.10.10.10 login marcus password aurelius port
10002 } }
Modifies the above user domain to add an ifmap server.
run user-domain grumpycat clear-cache
Clears the user identity cache associated with a specified user domain name.
run user-domain all clear-cache
Clears the user identity cache for all available user domains.
OPTIONS
domain
Specifies a domain for which the identity and ifmap services are defined.
app-service
Associates this user domain with a particular Application Service. An Application Service is a major
component of an iApp, an advanced configuration tool for creating and maintaining similar applications on
multiple servers. The asm module (see asm) has components for working with iApps.
description
User-defined description for this user domain.
clear-cache
Invokes clear-cache functionality for the given user-domain name.
SEE ALSO
edit, list, modify, net self, net route-domain, security firewall global-rules, security firewall management-
ip-rules, security firewall rule-list, ltm virtual, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008, 2012-2014, 2016. All rights reserved.
BIG-IP 2016-03-14 security firewall user-domain(1)