Dear Masood, Thanks for the reply. I have tested and solution is working.
Regards. Aamir On Sat, Oct 11, 2008 at 8:41 PM, Masood Ahmad Shah <[EMAIL PROTECTED]>wrote: > When you are using RADIUS or TACACS+ authentication, you can create single > accounts (for authorization purposes) that are shared by a set of users. > > > http://www.juniper.net/techpubs/software/junos/junos57/swconfig57-getting-st > arted/html/sys-mgmt-authentication4.html#1039222 > > HTH > > Regards, > Masood Ahmad Shah > BLOG: http://www.weblogs.com.pk/jahil > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Aamir Saleem > Sent: Friday, September 26, 2008 11:18 AM > To: juniper-nsp@puck.nether.net > Subject: [j-nsp] M-Series Authentication via Tacacs and authorization via > local class > > Hello, > > I want to configure local configured users must authenticate from TACACS+ > server first and local authentication have second priority. Authorization > of > commands must be permitted from local account configured on M-Series > routers. Do any body have any idea how to accomplish this. I have following > class and user configured on M-Series for authorization purpose. > > > class superuser-local { > > idle-timeout 5; > > permissions all; > > deny-commands "(file delete)|(clear log)"; > > deny-configuration "system login"; > > } > > > > user noc { > > uid 2018; > > class superuser-local; > > > Authentication order > > authentication-order [ tacplus password ]; > > Thanks > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
