Management
Reply
Visitor
m.zavyalov
Posts: 2
Registered: ‎06-27-2012
0

Class permissions commands.

Hello! 

 

I need to configure class commans permissions. 

 

I want useres from "smena-rw" group be allowed to execute  "clear ip bgp neighbor x.x.x.x" ( particular neighbor)

But not allowed  "clear bgp neighbor"  -  all neighbors.

 

 

user@router# show system login class smena-rw
permissions [ clear configure firewall-control interface-control network rollback routing-control view view-configuration ];
allow-commands "(clear bgp neighbor .*)";
deny-commands "(clear bgp neighbor$)";


Config above doesn't accomplish my goal ...

 

rw@router> clear bgp neighbor
                                                           ^
missing argument.

rw@router> clear bgp neighbor ?
Possible completions:
  as                   Autonomous system (1..65535)
  instance             Name of BGP instance
  logical-router       Name of logical router, or 'all'
  soft                 Soft reset outbound state
  soft-inbound         Soft reset inbound state by issuing Refresh


I'm not allowed to clear all bgp session, but also i'm not allowed to clear particular neighbor.

 

Visitor
m.zavyalov
Posts: 2
Registered: ‎06-27-2012
0

Re: Class permissions commands.

[ Edited ]

Could anybody answer my question please ?

Or ... i was wrong with a thread ? :smileywink:

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.