Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Example: Configuring User Permissions with Access Privilege Levels

    Create two access privilege classes on the router or switch, one for configuring and viewing user accounts only and the second for configuring and viewing SNMP parameters only:

    In this example, you create two custom login classes on the router or switch and assign access privileges to each class through permission flags. The first custom login class is called user-accounts and it only includes access privileges for configuring and viewing user accounts. The second custom login class is called network-mgmt and only includes access privileges for configuring SNMP parameters.

    [edit]
    system {login {class user-accounts {permissions [ configure admin admin-control ]; }class network-mgmt {permissions [ configure snmp snmp-control ];}}}
    1. Create the user-accounts custom login class and give it control over user accounts with the configure admin admin-control permission flag.
      [edit system login]user@router# set class user-accounts permissions configure admin admin-control
    2. Create the network-mgmt custom login class and use the configure snmp snmp-control permission flag to assign it SNMP configuration privileges.
      [edit system login]user@router# set class network-mgmt permissions configure snmp snmp-control
    3. Check your configuration by using the show system login command.
      user@router# show system login
      class user-accounts {permissions [ configure admin admin-control ]; }
      class network-mgmt {permissions [ configure snmp snmp-control ];}

    Modified: 2017-08-31