Chapter 1: Managing User Authentication and Access

Table 7: Permission Bits for Login Classes (continued)

Permission Bit      Access

routing-control     Can view general routing, routing protocol, and routing policy configuration
                    information and configure general routing (at the [edit routing-options]
                    hierarchy level), routing protocols (at the [edit protocols] hierarchy level),
                    and routing policy (at the [edit policy-options] hierarchy level).

secret              Can view passwords and other authentication keys in the configuration.

secret-control      Can view passwords and other authentication keys in the configuration and can
                    modify them in configuration mode.

security            Can view security configuration in configuration mode and with the
                    show configuration operational mode command.

security-control    Can view and configure security information (at the [edit security] hierarchy
                    level).

shell               Can start a local shell on the router by entering the start shell command.

snmp                Can view SNMP configuration information in configuration and operational modes.

snmp-control        Can view SNMP configuration information and configure SNMP (at the [edit snmp]
                    hierarchy level).

system              Can view system-level information in configuration and operational modes.

system-control      Can view system-level configuration information and configure it (at the
                    [edit system] hierarchy level).

trace               Can view trace file settings in configuration and operational modes.

trace-control       Can view trace file settings and configure trace file properties.

view                Can use various commands to display current systemwide, routing table, and
                    protocol-specific values and statistics.

Denying or Allowing Individual Commands

By default, every top-level CLI command has an associated access privilege level. Users can execute only those commands, and view only those configuration statements, for which they hold the corresponding access privileges. For each login class, you can additionally deny or allow individual operational and configuration mode commands explicitly, overriding what the class's permission bits would otherwise permit or deny.

Template Accounts

You use local user template accounts when you need different types of templates, each defining a different set of permissions appropriate for the group of users who share it. The templates are defined locally on the Services Router and referenced by the TACACS+ and RADIUS authentication servers, so a remotely authenticated user inherits the login class of the template the server maps them to.
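The following Junos configuration fragment is an added illustration, not taken from the manual, that ties together the two preceding topics: a login class built from permission bits, a deny-commands and allow-commands override on that class, and a local template account that a RADIUS or TACACS+ server can reference. The class name, user name, uid, and the command regular expressions are assumed values chosen for the example.

```junos
system {
    login {
        /* Least-privilege class for a NOC group: read-only view plus the
           routing bit (view routing configuration), with no control bits. */
        class noc-readonly {
            permissions [ view routing ];
            /* Allow one operational command the permission bits alone would
               not grant (assumed: clearing interface counters for troubleshooting). */
            allow-commands "clear interfaces statistics .*";
            /* Deny commands even if a future change to the bits would permit
               them: no shell escape and no dump of the full configuration. */
            deny-commands "(start shell|show configuration)";
        }
        /* Template account: no local password. The RADIUS or TACACS+ server
           returns this user name (for RADIUS, via the Juniper-Local-User-Name
           vendor attribute) and the authenticated user inherits the class. */
        user noc-template {
            uid 2100;
            class noc-readonly;
        }
    }
}
```

Users authenticated remotely but mapped to noc-template therefore get exactly the view and routing bits, plus the single allowed command, and cannot start a shell regardless of what the server sends.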

User Authentication Overview 7

Juniper Networks J-Series manual Template Accounts, Denying or Allowing Individual Commands