Creating custom login classes for users on Juniper

When we were working with the users in the previous lesson, we saw that to create a new user we always require to provide is a class so we can save the configuration, otherwise the commit command will give us an error message that a class is required.

A class is nothing more than a permission that you provide to the user.

By default, Juniper has 4 different classes as the following:

[edit system login user Maher]

Maher@R1# set class ?

Possible completions:

<class>              Login class

operator             permissions [ clear network reset trace view ]

read-only           permissions [ view ]

super-user          permissions [ all ]

unauthorized      permissions [ none ]

Let’s speak about each one:

  • Class operator: users belonging to this class are able to do commands related to clear, network, reset, trace and view.
  • Class read-only: users belonging to this class can only view the configuration on the router
  • Class super-user: users belonging to this class have full permission to do anything on the Juniper router
  • Class unauthorized: users belonging to this class have no permissions on the Juniper router.

Again, those classes are provided by default on the Juniper router and you can use them if you want. However, there is a possibility that you create a custom class where you can define what users can do. For example, if you have a Junior engineer and you want to give him view, ping and traceroute access on the router, then you can create for him a special class and assign it to his account.

Let’s apply a LAB now to play with the classes.

I want to create a new user called Simon, and allow him to login during the weekdays from 8:00 to 17:00 and be able to do ping and change only the configuration on the system hierarchy level.

Let’s start creating the user and give him a password:

Maher@R1# set system login user Simon authentication plain-text-password

New password:

Retype new password:



Apologies, the Full Lesson Access is Only for Members....


Get Access to all Lessons from different Vendors


Affordable Price to Enhance your IT Skills!


Always Accessing all Lessons including the New Added Ones

100% Satisfaction Guaranteed!

You can cancel your membership at anytime.
No Questions Asked Whatsover!

Course Content


Submit a Comment

Your email address will not be published. Required fields are marked *