What is good in Juniper when doing a configuration is that you have a hierarchy, meaning that for example if you want to configure something related to the user, you can go to the user configuration hierarchy and from there you can do the commands that you wish to do such as creating a new user, deleting a user, giving permissions, etc.….
Let’s check this in a LAB directly. I am still connected to the console port of the Juniper router.
Let’s go to the operational mode and write “configure” and see on which configuration hierarchy I am:
root@R1> configure
Entering configuration mode
[edit]
root@R1#
I am now on the “edit” configuration hierarchy which is the top configuration hierarchy on the Juniper Junos router.
From this configuration hierarchy, I wish to create a user and give him a permission.
root@R1# set system login user Jack authentication plain-text-password
New password:
Retype new password:
[edit]
root@R1#
root@R1# set system login user Jack class read-only
[edit]
root@R1# commit
commit complete
[edit]
root@R1#
You can see that I had to write 2 long commands to create a user and give it a permission using the “set” command. What I can do, I can use the configuration hierarchy where I go to the user configuration hierarchy and from there I can do all configurations needed for that user. Let me show you how this can be done:
root@R1# edit system login user Brian ?
Possible completions:
<[Enter]> Execute this command
> authentication Authentication method
| Pipe through a command
[edit]
root@R1# edit system login user Brian
[edit system login user Brian]
root@R1#
Using the “edit” command I can go to the configuration hierarchy of the created user and from there I can give a password, provide a permission class, etc.
Let’s provide the authentication for this user:
[edit system login user Brian]
root@R1# set authentication plain-text-password
New password:
Retype new password:
[edit system login user Brian]
root@R1#
It is set 😊 – I did not need to write the command from all over again. Just as being on the user Brian configuration hierarchy, I can configure the authentication directly under that level.
I still need to configure the class then the user is fully configured and apply a commit to save the configuration. Let’s do both things together:
[edit system login user Brian]
root@R1# set class super-user
[edit system login user Brian]
root@R1# commit
commit complete
[edit system login user Brian]
root@R1#
Again, I did not have to re-write the full command as being under the user Brian configuration hierarchy – that’s really nice and easy to use from now on, do you agree with me?
The last thing to do is the usage of the “show” command under the configuration hierarchy of the user Brian. Let’s try it and see what output I shall get:
[edit system login user Brian]
root@R1# show
uid 2002;
class super-user;
authentication {
encrypted-password “$1$R8WYawVo$lSoc3h5PTgP8XdRkwKF371”; ## SECRET-DATA
}
[edit system login user Brian]
root@R1#
Great 😊 – it s showing me what was configured under this configuration hierarchy.
This is all what I wanted to show you in this lesson, hope you enjoyed it and see you in the upcoming one.
0 Comments