I have referenced the following page (https://www.juniper.net/documentation/en_US/junos/topics/concept/access-privileges-levels-overview.html) in an effort to create a user solely for the purpose of rotating the root user's password every week. I have configured the user with secret-control permissions (failed) and admin-control permissions (failed). Does only the root user have the permission to change the root-authentication password?
Thanks in advance.
You need a super-user to change the root password. The "secret-control" does say that it can change password but it cannot change the root password.
>set system login user test class super-user
As per the Juniper document:
access to the root directory is restricted by default to a predefined user account known as root user. The root user (also referred to as superuser) has unrestricted access and full permissions within the system. The expression “log in as root” is commonly used when an action requires you to log into the device as the root user.
Please mark my solution as accepted if it helped.