Filter
Top Products
Table 14: Defining Login Classes (continued)
CLI Configuration EditorJ-Web Configuration EditorTask
Set the name of the login class and
the ability to use the request system
reboot command:
set class operator-and-boot
allow-commands “request system
reboot”
1.
Next to Class, click Add new entry.
2.
Type the name of the login class:
operator-and-boot
3.
In the Allow commands box, type the request system
reboot command enclosed in quotation marks:
“request system reboot”
4.
Click OK.
Create a login class named
operator-and-boot with the
ability to reboot the router.
Set the permission bits for the
operator-and-boot login class:
set class operator-and-boot
permissions [clear network reset
trace view]
1.
Next to Permissions, click Add new entry.
2.
In the Value list, select clear.
3.
Click OK.
4.
Next to Permissions, click Add new entry.
5.
In the Value list, select network.
6.
Click OK.
7.
Next to Permissions, click Add new entry.
8.
In the Value list, select reset.
9.
Click OK.
10.
Next to Permissions, click Add new entry.
11.
In the Value list, select trace.
12.
Click OK.
13.
Next to Permissions, click Add new entry.
14.
In the Value list, select view.
15.
Click OK.
Give the operator-and-boot
login class operator
privileges.
Creating User Accounts
User accounts provide one way for users to access the Services Router. (Users can
access the router without accounts if you configured RADIUS or TACACS+ servers,
as described in “Setting Up RADIUS Authentication” on page 12 and “Setting Up
TACACS+ Authentication” on page 13.)
The procedure provided in this section creates a sample user named cmartin with
the following characteristics:
■
The user cmartin belongs to the superuser login class.
■
The user cmartin uses an encrypted password, $1$14c5.$sBopasdFFdssdfFFdsdfs0.
Managing User Authentication with a Configuration Editor ■ 17
Chapter 1: Managing User Authentication and Access