Example: Creating Login Classes

The following example shows how to create several user classes, each with specific privileges. In this example, you configure timeouts to disconnect the class members after a period of inactivity. Users’ privilege levels, and therefore the classes of which they are members, should depend on their responsibilities within the organization. The permissions shown here are only examples.

The first class of users (called “observation”) can only view statistics and configuration. They are not allowed to modify any configuration. The second class of users (called “operation”) can view and modify the configuration. The third class of users (called “engineering”) has unlimited access and control.

[edit]
system {
    login {
        class observation {
            idle-timeout 5;
            permissions [ view ];
        }
        class operation {
            idle-timeout 5;
            permissions [ admin clear configure interface interface-control network reset routing routing-control snmp snmp-control trace-control firewall-control rollback ];
        }
        class engineering {
            idle-timeout 5;
            permissions all;
        }
    }
}
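As an added example (not from the original page or from Juniper), the following Python audits login class stanzas like the ones above, reporting classes whose idle-timeout is missing or too long and classes that can change the configuration. The function names, the regex parsing of un-nested class blocks, and the 5-minute threshold are assumptions.

```python
import re

# Constructed sample input: the three login classes from the example above.
SAMPLE = """
system { login {
    class observation { idle-timeout 5; permissions [ view ]; }
    class operation { idle-timeout 5; permissions [ admin clear configure
        interface interface-control network reset routing routing-control
        snmp snmp-control trace-control firewall-control rollback ]; }
    class engineering { idle-timeout 5; permissions all; }
} }
"""

# Assumption: class bodies contain no nested braces, as in the example.
CLASS_RE = re.compile(r"class\s+(\S+)\s*\{([^{}]*)\}")

def parse_login_classes(text):
    """Return {class_name: {"idle_timeout": int or None, "permissions": set}}."""
    classes = {}
    for name, body in CLASS_RE.findall(text):
        timeout = re.search(r"idle-timeout\s+(\d+)\s*;", body)
        # Permissions are either a bracketed list or a single flag such as "all".
        perms = re.search(r"permissions\s+(?:\[([^\]]*)\]|(\S+))\s*;", body)
        flags = set((perms.group(1) or perms.group(2) or "").split()) if perms else set()
        classes[name] = {"idle_timeout": int(timeout.group(1)) if timeout else None,
                         "permissions": flags}
    return classes

def audit(classes, max_idle=5):
    """Return (class, finding) pairs for review; max_idle is in minutes."""
    findings = []
    for name, c in sorted(classes.items()):
        if c["idle_timeout"] is None or c["idle_timeout"] > max_idle:
            findings.append((name, "idle-timeout missing or above %d minutes" % max_idle))
        if "all" in c["permissions"]:
            findings.append((name, "unrestricted: permissions all"))
        elif "configure" in c["permissions"]:
            findings.append((name, "can modify configuration"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_login_classes(SAMPLE)):
        print(name + ": " + finding)
```

Membership in any class the audit reports as unrestricted or able to modify configuration is worth reviewing against each user's actual responsibilities.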

Published: 2010-04-26

