About SRC Configuration Files in XML Format

The XML structure follows the same hierarchy as the CLI. For example, in configuration mode the following statements are available at the [edit system] hierarchy level:

[edit system]
user@host# set ?
Possible completions:
+ authentication-order Order in which authentication methods are invoked
+ domain-search        List of domain names to search
  host-name            Hostname for C Series Controller
> ldap                 LDAP properties
> login                Login properties
+ name-server          DNS name servers
> ntp                  Configure NTP
> radius-server        RADIUS server configuration
> services             System services configuration
> syslog               System log configuration
> tacplus-server       TACACS+ server configuration
  time-zone            Time zone definition name

In an XML file, the tags within the <system> tags are the same as the statements in the [edit system] hierarchy. The tags under <system> can appear in any order.

<configuration><system><authentication-order> </authentication-order><domain-search> </domain-search><host-name> </host-name><ldap> </ldap><login> </login><name-server> </name-server><ntp> </ntp><radius-server> </radius-server><services> </services><syslog> </syslog><tacplus-server> </tacplus-server><time-zone> </time-zone></system></configuration>

The following example shows parts of a configuration file for statements in the [edit system] hierarchy:

<?xml version="1.0"?><configuration><system><time-zone>Canada/Eastern</time-zone><services><telnet/><ssh><root-login>allow</root-login></ssh></services><host-name>myhost</host-name><name-server>192.2.2.10</name-server><name-server>192.2.2.20</name-server><domain-search>mydomain.juniper.net</domain-search><domain-search>juniper.net</domain-search><ntp><server> <address>192.2.2.100</address></server><boot-server>192.2.2.100</boot-server></ntp><ldap><server><address>10.227.2.100</address></server><boot-server>10.227.2.100</boot-server></ldap><ldap><server><community><primary-neighbors>neighbor1</primary-neighbors><role>primary</role></community></server></ldap><ldap><client><connection-manager-id>CLI_DATA_MANAGER</connection-manager-id>. . .</client></ldap><login><class><name>class-cfg</name><allow-configuration>s.*m$|s.*m l.*n</allow-configuration><permissions>configure</permissions><permissions>interface</permissions></class><user><user-name>admin</user-name><class>super-user</class><full-name>admin</full-name><uid>500</uid><gid>100</gid><authentication>. . .</authentication><level>normal</level><complete-on-space>on</complete-on-space></user></login><syslog>. . .</syslog></system></configuration>

Example: Using Attributes When Editing an XML Configuration File

You can modify a single value by inserting an attribute into one tag. For example, to delete the name server that has the IP address 192.2.2.20:

<configuration><system><name-server operation=”delete” >192.2.2.20</name-server></system></configuration>

You can also modify a number of values within a hierarchy by adding an attribute at a higher level in the hierarchy. For example, to replace permissions for the class named class-cfg in the following configuration:

<configuration><system><class><name>class-cfg</name><allow-configuration>s.*m$|s.*m l.*n</allow-configuration><permissions>configure</permissions><permissions>interface</permissions></class></system></configuration>

Enter the replace attribute for the class:

<configuration><system><login><class operation=”replace” ><name>class-cfg</name><allow-configuration>s.*m$|s.*m l.*n</allow-configuration><permissions>control</permissions><permissions>maintenance</permissions></class></login></system></configuration>

Related Documentation