Switching

last person joined: 16 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  User class settings

    Posted 10-03-2016 08:39

    I want to use the Operator class of rights for our helpdesk team, do not want them to be able to set, or configure.

     

    I want the to have all the rights of the Operator;

    operator

    clear, network, reset, trace, view

     

    How can I make it so they can do the following command;

     

    show configuration | display set | match XXXXXXX

     

    When they currently perform this as an operator, there is no output.

     

    Thanks



  • 2.  RE: User class settings

    Posted 10-03-2016 10:17

    Hi,

     

    Please try adding this :

     

    set system login class User deny-commands configure

     

    Let me know if it works



  • 3.  RE: User class settings
    Best Answer

     
    Posted 10-04-2016 06:27

    Hi, 

     

    You may need a new class for this:

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23038&actp=search

     

    Example:

    > show configuration system login class op
permissions [ clear network reset trace view view-configuration ];
allow-commands show;
deny-commands "(request)|(start)|(set)";
allow-configuration show;
deny-configuration all;

    Cheers,

    Ashvin