<div>I am looking for information on grouping users into profiles/groups. I've searched around the FAQ's and docs but not finding a clear picture. I've found how to associate a user with a group of NAS's.<br>
.<br>Here's the scenario. There is a specfic VSA from Juniper called Juniper-Local-User-Name. This gets mapped to a locally defined profile on the NAS. In the users file I have the following:<br> <br>bob.smith Juniper-Local-User-Name = "tier3",<br>
<br>mary.jane Juniper-Local-User-Name = "tier3",<br> <br>bobby.sue Juniper-Local-User-Name = "tier3",<br> <br>Furthermore there is other VSA's such as the Juniper-Allow-Commands and Juniper-Deny-Commands. So I can do things like:<br>
<br>billy.bob Juniper-Local-User-Name = "tier2",<br> Juniper-Deny-Commands "(show system alarms)|(show system software)"<br> <br>john.doe Juniper-Local-User-Name = "tier2", <br>
Juniper-Deny-Commands "(show system alarms)|(show system software)"<br> <br> <br> <br>So to the point, rather than defining each user with the same parameters every time, can I create a group, for instance TIER3, and associate User-Name's above to the group. And if so how or point me to some specific examples.</div>
<div> </div>
<div>I am using LDAP also so if there is an LDAP solution same question. Howto?</div>