[j-nsp] read-only config account, "rancid" user
Richmond, Jeff
Jeff.Richmond at frontiercorp.com
Thu Feb 4 13:09:34 EST 2010
Create your own class is probably the easiest since you have total control over what they can or can't do. You could do something simple like this:
class RO-USERS {
permissions [ view view-configuration ];
Just depends on what you want to accomplish. You can then further lock it down so they can only view certain interface types, etc. with the deny and deny-configuration command options.
Good luck,
-Jeff
On Feb 4, 2010, at 9:14 AM, matthew zeier wrote:
> Not clear how to create a dumbed down read-only user who can just view the config.
>
> In a Cisco world I'd use "privilege exec level" . In JunOS, a read-only class can't run "show configuration".
>
> What's the nugget of info I'm missing?
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list