本文主要是介绍JuniperSRX------------用户管理,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
这篇开始就是详细分块的笔记,我所有的博客,并不是教程,而是给自己看的笔记,所以并不是从零开始就能直接看懂的,有问题可以留言讨论。
--------------------------Juniper SRX 用户管理---------------------------
Juniper的命令,其实是比较形象的,英文稍微好一点,基本都能看懂
1、添加用户
root# set system login user ?
Possible completions:
<user-name> User name (login)
2、用户组设置
root# set system login user XXX class ?
Possible completions:
<class> Login class
operator permissions [ clear network reset trace view ] //用于故障定位,但是看不了配置,也不能编辑
read-only permissions [ view ] //只读 就是只能看看状态
super-user permissions [ all ] //完全权限
unauthorized permissions [ none ] //为radius做模板,没有任何权限,权限在radius里添加
根据不同用途给用户设置组
3、用户UID设置
root# set system login user XXX class read-only uid ?
Possible completions:
<uid> User identifier (uid) (100..64000)
4、root密码设置
初始话的时候,root的密码为空,必须设置一个root密码才能提交配置.
root# set system root-authentication plain-text-password 交互明文输入
或者
root# set system root-authentication encrypted-password ? 非交互密文输入
Possible completions:
<encrypted-password> Encrypted password string
例:root# set system root-authentication encrypted-password "xxxxxxxxxxdddddddddde"
双引号里就是一个MD5加密的值
这里不明白的看看之前一篇博客
5、给用户设置密码
root# set system login user XXX authentication plain-text-password
或者
root# set system login user XXX authentication encrypted-password "xxxxx"
6、自定义用户级别组
root# set system login class test ?
Possible completions:
access-end End time for remote access (hh:mm)
access-start Start time for remote access (hh:mm)
allow-commands Regular expression for commands to allow explicitly
allow-configuration Regular expression for configure to allow explicitly
+ allow-configuration-regexps Object path regular expressions to allow
+ allowed-days Day(s) of week when access is allowed.
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
deny-commands Regular expression for commands to deny explicitly
deny-configuration Regular expression for configure to deny explicitly
+ deny-configuration-regexps Object path regular expressions to deny
idle-timeout Maximum idle time before logout (minutes)
login-alarms Display system alarms when logging in
login-script Execute this login-script when logging in
login-tip Display tip when logging in
+ permissions Set of permitted operation categories
security-role Common Criteria security role
可以自定义一个组,里面茫茫多的选项。。。。。。自己看看吧,反正我这里网络、服务器、桌面端、DBA就我一个人。。。。。。。。
7、查看当前用户权限
root> show cli authorization
好了 这篇就到这里
这篇关于JuniperSRX------------用户管理的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!