ON THIS PAGE
Example: Deleting a Logical System
This example shows how to delete a logical system configured for an SRX Series Services Gateway device running logical systems. Only the primary administrator can delete a logical system.
Requirements
The example uses an SRX5600 device running Junos OS with Logical Systems.
Alternatively, follow those instructions substituting your own configuration values.
Overview
This example shows how to delete a logical system, which you can do at any time. However, if you have configured the device to include the maximum number of logical systems that are supported you must first delete an existing logical system before you can add another one.
Deletion of a logical system is a simple procedure that includes these tasks:
Remove from the logical system the security profile that is bound to it.
Note that in this step you are not deleting the security profile–it might be used for other logical systems–but simply detaching it from the logical system that you intend to delete.
Detach from the logical system any login classes that are associated with it.
Removing them from the logical system does not delete the login classes.
Delete the logical system.
Topology
Configuration
Procedure
CLI Quick Configuration
To quickly configure this example, copy the
following commands, paste them into a text file, remove any line breaks,
change any details necessary to match your network configuration,
copy and paste the commands into the CLI at the [edit] hierarchy
level, and then enter commit from configuration mode.
delete system security-profile ls-design-profile logical-system ls-product-design delete system login class ls-design-admin logical-system ls-product-design delete system login class ls-design-user logical-system ls-product-design delete logical-system ls-product-design
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To delete a logical system:
Determine that the logical system that you want to delete exists.
[edit] user@host#
show logical-systems ?interconnect-logical-system Logical system name ls-accounting-dept Logical system name ls-marketing-dept Logical system name ls-product-design Logical system nameDelete the security profile.
Step-by-Step Procedure
Verify that security profile that you intend to detach from the logical system is bound to it.
[edit] user@host# show system security-profile ls-design-profile logical-system [ ls-product-design ];
Detach the security profile from the logical system.
[edit] user@host# delete system security-profile ls-design-profile logical-system ls-product-design
Delete the login classes.
Step-by-Step Procedure
Display the login class and login user configurations for the user logical system administrator.
user@host> show configuration system login class ls-design-admin logical-system ls-product-design; permissions all; user@host> show configuration system login user lsdesignadmin1 full-name lsdesignadmin1; uid 2006; class ls-design-admin; authentication { encrypted-password "$ABC123"; ## SECRET-DATA }Detach the login class for the administrator from the logical system.
[edit] user@host# delete system login class ls-design-admin logical-system ls-product-design
Display the login class and login user configurations for the user.
user@host> show configuration system login class ls-design-user logical-system ls-product-design; permissions view; user@host> show configuration system login user lsdesignuser1 full-name lsdesignuser1 uid 2007; class ls-design-user; authentication { encrypted-password "$ABC123"; ## SECRET-DATA }Detach the login class for the user from the logical system.
user@host# delete system login class ls-design-user logical-system ls-product-design
Delete the logical system.
[edit] user@host# delete logical-system ls-product-design
Results
From configuration mode, confirm your configuration
by entering the show logical-systems command. In this case,
the logical system that you deleted should not be included in displayed
list of logical systems configured for the device. If the output does
not display the intended configuration, repeat the configuration instructions
in this example to correct it.
user@host# show logical-systems interconnect-logical-system Logical system name ls-accounting-dept Logical system name interconnect-logical-system Logical system name ls-marketing-dept Logical system name
If you are done configuring the device, enter commit from configuration mode.
Verification
To confirm that the configuration is working properly, perform these tasks:
Verifying That the Correct Logical System and Its Profile and Attached Class Were Deleted
Purpose
Verify if the logical system has been deleted using the show command described previously.