Junos OS

Expand all | Collapse all

Is it possible to force configure private mode ?

Jump to Best Answer
  • 1.  Is it possible to force configure private mode ?

    Posted 08-13-2020 05:39

    Hi everyone,

     

    We have many Juniper devices in our parc and i would like to force the configuration private mode.

    I explain myself => On each device a user account is created for administration. Is it possible to make it so that when the user enters in configuration mode he enters in the private mode and not in traditional mode of configuration ?

     

    Thank you in advance for your help.

     

    Best regards


    #configureprivate


  • 2.  RE: Is it possible to force configure private mode ?
    Best Answer

    Posted 08-13-2020 05:51

    Hello,

     

    It is not possible to set "configure private" or any other mode by default for a particular user or for a terminal. You have to manually enter the commands in the CLI to enter into respective modes.



  • 3.  RE: Is it possible to force configure private mode ?

    Posted 08-13-2020 08:19

    Thank you for your response.

     

    It's too bad that's not possible.
    We will put in place good practices to compensate

     

    Have a good day



  • 4.  RE: Is it possible to force configure private mode ?

     
    Posted 08-15-2020 04:33

    You can restrict users to config private by applying this user class to them.  It is basically all permissions but normal commit.

     

    set system login class PrivateConfig permissions all

    set system login class PrivateConfig allow-commands "configure private"

    set system login class PrivateConfig deny-commands configure

     

    I have deployed this in our network for the same purpose, a configuration software system is active so keeping each person private is required to prevent unwanted config commits.