Hello,
I want to configure local configured users must authenticate from TACACS+
server first and local authentication have second priority. Authorization of
commands must be permitted from local account configured on M-Series
routers. Do any body have any idea how to accomplish this. I have following
class and user configured on M-Series for authorization purpose.
class superuser-local {
idle-timeout 5;
permissions all;
deny-commands "(file delete)|(clear log)";
deny-configuration "system login";
}
user noc {
uid 2018;
class superuser-local;
Authentication order
authentication-order [ tacplus password ];
Thanks
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
