Hello, I want to configure local configured users must authenticate from TACACS+ server first and local authentication have second priority. Authorization of commands must be permitted from local account configured on M-Series routers. Do any body have any idea how to accomplish this. I have following class and user configured on M-Series for authorization purpose.
class superuser-local { idle-timeout 5; permissions all; deny-commands "(file delete)|(clear log)"; deny-configuration "system login"; } user noc { uid 2018; class superuser-local; Authentication order authentication-order [ tacplus password ]; Thanks _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp