Creating a user account on the Juniper device

From the previous lessons, we now know that the Juniper router comes with a root account which cannot be deleted and it is always a super-user account. However, sometimes we require to create user accounts for other personals and even sometimes we need to create a backup user account for us in case we had any problems logging into the root account.

In this lessons I am going to show you how you can create a user account, provide it a password, a class, a user ID and a full name.

Just to mention that all what I am doing now is on the router itself, meaning that it is using the database of the router. There is possibility that you connect the Juniper router to an exterior device (like a radius server) and then you can create the accounts from that server instead of creating them on the router itself. Having a radius server is out of scope of this lesson, so I will show you how you can create accounts on the Juniper router itself using its local database.

Let’s start by creating a user Maher and give it a password of “Juniper123”:

root@R1# edit system login

[edit system login]

root@R1# edit user Maher

[edit system login user Maher]

root@R1#

[edit system login user Maher]

root@R1# set authentication plain-text-password

New password:

Retype new password:

[edit system login user Maher]

root@R1#

 

Now the user and the password have been created.

If we try to commit we will get an error message because we have to assign it a class. Let’s give it a class of super-user:

[edit system login user Maher]

root@R1# set class super-user

[edit system login user Maher]

root@R1#

Excellent! Now I can commit and it should work:

 

[edit system login user Maher]

root@R1# commit

commit complete

[edit system login user Maher]

root@R1#

This has worked indeed. Let’s see what else we can do from the user hierarchy level:

[edit system login user Maher]

root@R1# set ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don’t inherit configuration data from these groups

> authentication       Authentication method

class                     Login class

full-name               Full name

uid                       User identifier (uid) (100..64000)

We can still assigned a full name for this user and a user id. The user id is normally giving randomly once we issue the commit, meaning that currently the user Maher should have a user id because we have already made the commit command. Let’s check that:

 

root@R1# show

uid 2004;

class super-user;

authentication {

encrypted-password “$1$Ny0q8nRt$JQmUrU1HcreVH8TRu7UHE.”; ## SECRET-DATA

}

 

[edit system login user Maher]

root@R1#

Indeed, I can see that it has given a user id of 2004. If you wish to assign a specific user id, you can change it using the following command from the user hierarchy level:

root@R1# set uid 101

[edit system login user Maher]

root@R1# commit

warning: uid changed for Maher (2004->101)

commit complete

[edit system login user Maher]

root@R1#

Once I committed, I got a warning that the user id is changing from 2004 to 101. Now let’s check if this has been successfully changed:

[edit system login user Maher]

root@R1# show

uid 101;

class super-user;

authentication {

encrypted-password “$1$Ny0q8nRt$JQmUrU1HcreVH8TRu7UHE.”; ## SECRET-DATA

}

[edit system login user Maher]

root@R1#

Yes indeed! It is having now a user id of 101.

The last thing I want to show you in this lesson is about the full name. You can provide a full name for the created user so you can recognize that this account is for that person. Let me show you how you can do it:

[edit system login user Maher]

root@R1# set full-name Maher-Haddad

[edit system login user Maher]

root@R1# commit

commit complete

[edit system login user Maher]

root@R1# show

full-name Maher-Haddad;

uid 101;

class super-user;

authentication {

encrypted-password “$1$Ny0q8nRt$JQmUrU1HcreVH8TRu7UHE.”; ## SECRET-DATA

}

[edit system login user Maher]

root@R1#

The full name has been created – please note that the first and last name should be attached to each other, so space in between doesn’t work, that’s why I put an underscore between the first and last name.

To finish the LAB, let’s try to login on the account Maher and see if everything is working properly:

R1 (ttyd0)

login: Maher

Password:

— JUNOS 14.1R4.8 built 2015-01-28 03:38:12 UTC

Maher@R1> edit

Entering configuration mode

[edit]

Maher@R1#

Indeed, I could login and go to the configuration mode without any problem.

This is all what I wanted to show you in this lesson, hope you enjoyed it and see you in the upcoming one 😊

Course Content

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.

About