[j-nsp] ERX - Local Commands Authorization
Thomas Salmen
tsalmen at orcon.net.nz
Thu Dec 29 04:26:16 EST 2005
>
> This would be great, if i can just deny them enable mode and let them be
> able to do sh run from the priv 1
I don't think you'll be able to get a full show run output from level 1,
because the cli suppresses lines that would normally only be available to
users with higher privileges:
lab_erx02#show conf
! Configuration script being generated on THU DEC 29 2005 04:25:06 UTC
! Juniper Edge Routing Switch ERX-700
! Version: 6.1.2 release-0.0 [BuildId 4051] (September 15, 2005 14:30)
! Copyright (c) 1999-2005 Juniper Networks, Inc. All rights reserved.
!
! Commands displayed are limited to those available at privilege level 1
^^^^^^^^^^^^^^^^^
You might be out of luck in that regard.
>
> raya-ERX>en
You need to be at priv 15 - standard enable is level 10. Try "enable 15",
standard en password. Then the privilege command should be available.
/t
> Password: *******
> raya-ERX#conf t
> Enter configuration commands, one per line. End with ^Z.
> raya-ERX(config)#privilege exec level 1 show run
> ^
> % Invalid input detected at '^' marker.
> raya-ERX(config)#privilege exec level 1 ?
> ^
> % Invalid input detected at '^' marker.
> raya-ERX(config)#privilege exec level ?
> ^
> % Invalid input detected at '^' marker.
> raya-ERX(config)#privilege exec ?
> ^
> % Invalid input detected at '^' marker.
> raya-ERX(config)#privilege ?
> ^
> % Invalid input detected at '^' marker.
> raya-ERX(config)#privilege?
> % Unrecognized command
> raya-ERX(config)#privile
>
> raya-ERX(config)#privile
>
> raya-ERX(config)#privile?
> % Unrecognized command
> raya-ERX(config)#privi?
> % Unrecognized command
> raya-ERX(config)#pr?
> profile
>
>
More information about the juniper-nsp
mailing list