About SRC Configuration Files in XML Format
The XML structure follows the same hierarchy as
the CLI. For example, in configuration mode the following statements
are available at the [edit system] hierarchy level:
[edit system]
user@host# set ?
Possible completions:
+ authentication-order Order in which authentication methods are invoked
+ domain-search List of domain names to search
host-name Hostname for C Series Controller
> ldap LDAP properties
> login Login properties
+ name-server DNS name servers
> ntp Configure NTP
> radius-server RADIUS server configuration
> services System services configuration
> syslog System log configuration
> tacplus-server TACACS+ server configuration
time-zone Time zone definition name
In an XML file, the tags within the <system> tags are the same as the statements in the [edit system] hierarchy. The tags under <system> can appear in any
order.
<configuration>
<system>
<authentication-order> </authentication-order>
<domain-search> </domain-search>
<host-name> </host-name>
<ldap> </ldap>
<login> </login>
<name-server> </name-server>
<ntp> </ntp>
<radius-server> </radius-server>
<services> </services>
<syslog> </syslog>
<tacplus-server> </tacplus-server>
<time-zone> </time-zone>
</system>
</configuration>
The following example shows parts of a configuration
file for statements in the [edit system] hierarchy:
<?xml version="1.0"?>
<configuration>
<system>
<time-zone>Canada/Eastern</time-zone>
<services>
<telnet/>
<ssh>
<root-login>allow</root-login>
</ssh>
</services>
<host-name>myhost</host-name>
<name-server>192.2.2.10</name-server>
<name-server>192.2.2.20</name-server>
<domain-search>mydomain.juniper.net</domain-search>
<domain-search>juniper.net</domain-search>
<ntp>
<server> <address>192.2.2.100</address>
</server>
<boot-server>192.2.2.100</boot-server>
</ntp>
<ldap>
<server>
<address>10.227.2.100</address>
</server>
<boot-server>10.227.2.100</boot-server>
</ldap>
<ldap>
<server>
<community>
<primary-neighbors>neighbor1</primary-neighbors>
<role>primary</role>
</community>
</server>
</ldap>
<ldap>
<client>
<connection-manager-id>CLI_DATA_MANAGER
</connection-manager-id>
. . .
</client>
</ldap>
<login>
<class>
<name>class-cfg</name>
<allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
<permissions>configure</permissions>
<permissions>interface</permissions>
</class>
<user>
<user-name>admin</user-name>
<class>super-user</class>
<full-name>admin</full-name>
<uid>500</uid>
<gid>100</gid>
<authentication>
. . .
</authentication>
<level>normal</level>
<complete-on-space>on</complete-on-space>
</user>
</login>
<syslog>
. . .
</syslog>
</system>
</configuration>
Example: Using Attributes When Editing an XML Configuration
File
You can modify a single value by inserting an attribute
into one tag. For example, to delete the name server that has the
IP address 192.2.2.20:
<configuration>
<system>
<name-server operation=”delete” >192.2.2.20</name-server>
</system>
</configuration>
You can also modify a number of values within a
hierarchy by adding an attribute at a higher level in the hierarchy.
For example, to replace permissions for the class named class-cfg
in the following configuration:
<configuration>
<system>
<class>
<name>class-cfg</name>
<allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
<permissions>configure</permissions>
<permissions>interface</permissions>
</class>
</system>
</configuration>
Enter the replace attribute for the class:
<configuration>
<system>
<login>
<class operation=”replace” >
<name>class-cfg</name>
<allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
<permissions>control</permissions>
<permissions>maintenance</permissions>
</class>
</login>
</system>
</configuration>
