Creating user accounts – Juniper Networks J-Series User Manual
Page 39
Table 14: Defining Login Classes (continued)
CLI Configuration Editor
J-Web Configuration Editor
Task
Set the name of the login class and
the ability to use the
request system
reboot
command:
set class operator-and-boot
allow-commands “request system
reboot”
1.
Next to Class, click Add new entry.
2.
Type the name of the login class:
operator-and-boot
3.
In the Allow commands box, type the
request system
reboot
command enclosed in quotation marks:
“request system reboot”
4.
Click OK.
Create a login class named
operator-and-boot
with the
ability to reboot the router.
Set the permission bits for the
operator-and-boot
login class:
set class operator-and-boot
permissions [clear network reset
trace view]
1.
Next to Permissions, click Add new entry.
2.
In the Value list, select clear.
3.
Click OK.
4.
Next to Permissions, click Add new entry.
5.
In the Value list, select network.
6.
Click OK.
7.
Next to Permissions, click Add new entry.
8.
In the Value list, select reset.
9.
Click OK.
10.
Next to Permissions, click Add new entry.
11.
In the Value list, select trace.
12.
Click OK.
13.
Next to Permissions, click Add new entry.
14.
In the Value list, select view.
15.
Click OK.
Give the
operator-and-boot
login class operator
privileges.
Creating User Accounts
User accounts provide one way for users to access the Services Router. (Users can
access the router without accounts if you configured RADIUS or TACACS+ servers,
as described in “Setting Up RADIUS Authentication” on page 12 and “Setting Up
TACACS+ Authentication” on page 13.)
The procedure provided in this section creates a sample user named
cmartin
with
the following characteristics:
■
The user
cmartin
belongs to the
superuser
login class.
■
The user
cmartin
uses an encrypted password,
$1$14c5.$sBopasdFFdssdfFFdsdfs0
.
Managing User Authentication with a Configuration Editor
■
17
Chapter 1: Managing User Authentication and Access