[j-nsp] M-Series Authentication via Tacacs and authorization via local class
Aamir Saleem
aamirwwol at gmail.com
Fri Sep 26 02:17:47 EDT 2008
Hello,
I want to configure local configured users must authenticate from TACACS+
server first and local authentication have second priority. Authorization of
commands must be permitted from local account configured on M-Series
routers. Do any body have any idea how to accomplish this. I have following
class and user configured on M-Series for authorization purpose.
class superuser-local {
idle-timeout 5;
permissions all;
deny-commands "(file delete)|(clear log)";
deny-configuration "system login";
}
user noc {
uid 2018;
class superuser-local;
Authentication order
authentication-order [ tacplus password ];
Thanks
More information about the juniper-nsp
mailing list