Hello all,
Right now I would like to create a custom login class for a group of users that will only be allowed to create user / pass (this is for a support group) and save the config and update the resuce config.
My missing piece here is - what "expressions" to use for the group I create to allow only what is mentioned above and lock them out of everything else, as well I would like an error message for invalid commands attempted if possible.
The below config is from an example I found...the items in bold will not be used, yet I am looking for correct key words
to get this going.
[edit]system {login {class access-support {idle-timeout 5;permissions [ admin clear configure interface interface-control networkreset routing routing-control snmp snmp-control trace-control firewall-control rollback ];
Thanks