[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]


About SRC Configuration Files in XML Format

The XML structure follows the same hierarchy as the CLI. For example, in configuration mode the following statements are available at the [edit system] hierarchy level:

[edit system]
user@host# set ?
Possible completions:
+ authentication-order Order in which authentication methods are invoked
+ domain-search        List of domain names to search
  host-name            Hostname for C-series Controller
> ldap                 LDAP properties
> login                Login properties
+ name-server          DNS name servers
> ntp                  Configure NTP
> radius-server        RADIUS server configuration
> services             System services configuration
> syslog               System log configuration
> tacplus-server       TACACS+ server configuration
  time-zone            Time zone definition name

In an XML file, the tags within the <system> tags are the same as the statements in the [edit system] hierarchy. The tags under <system> can appear in any order.

<configuration>
    <system>
        <authentication-order> </authentication-order>
        <domain-search> </domain-search>
        <host-name> </host-name>
        <ldap> </ldap>
        <login> </login>
        <name-server> </name-server>
        <ntp> </ntp>
        <radius-server> </radius-server>
        <services> </services>
        <syslog> </syslog>
        <tacplus-server> </tacplus-server>
        <time-zone> </time-zone>
    </system>
</configuration>

The following example shows parts of a configuration file for statements in the [edit system] hierarchy:

<?xml version="1.0"?>
<configuration>
    <system>
        <time-zone>Canada/Eastern</time-zone>
        <services>
            <telnet/>
            <ssh>
                <root-login>allow</root-login>
            </ssh>
        </services>
        <host-name>myhost</host-name>
        <name-server>192.2.2.10</name-server>
        <name-server>192.2.2.20</name-server>
        <domain-search>mydomain.juniper.net</domain-search>
        <domain-search>juniper.net</domain-search>
        <ntp>
            <server> <address>192.2.2.100</address>
            </server>
            <boot-server>192.2.2.100</boot-server>
        </ntp>
        <ldap>
            <server>
                <address>10.227.2.100</address>
            </server>
            <boot-server>10.227.2.100</boot-server>
        </ldap>
        <ldap>
            <server>
                <community>
                    <primary-neighbors>neighbor1</primary-neighbors>
                    <role>primary</role>
                </community>
            </server>
        </ldap>
        <ldap>
            <client>
                <connection-manager-id>CLI_DATA_MANAGER
                </connection-manager-id>
            . . .
            </client>    
        </ldap>
        <login>
            <class>
                <name>class-cfg</name>
                <allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
                <permissions>configure</permissions>
                <permissions>interface</permissions>
            </class>
            <user>
                <user-name>admin</user-name>
                <class>super-user</class>
                <full-name>admin</full-name>
                <uid>500</uid>
                <gid>100</gid>
                <authentication>
                    . . .
                </authentication>
                <level>normal</level>
                <complete-on-space>on</complete-on-space>
            </user>
        </login>
        <syslog>
            . . .
        </syslog>
    </system>
</configuration>

Example: Using Attributes When Editing an XML Configuration File

You can modify a single value by inserting an attribute into one tag. For example, to delete the name server that has the IP address 192.2.2.20:

<configuration>
    <system>
        <name-server operation="delete">192.2.2.20</name-server>
    </system>
</configuration>

You can also modify a number of values within a hierarchy by adding an attribute at a higher level in the hierarchy. For example, to replace permissions for the class named class-cfg in the following configuration:

<configuration>
    <system>
            <class>
                <name>class-cfg</name>
                <allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
                <permissions>configure</permissions>
                <permissions>interface</permissions>
            </class>
    </system>
</configuration>

Enter the replace attribute for the class:

<configuration>
    <system>
        <login>
            <class operation="replace">
                <name>class-cfg</name>
                <allow-configuration>s.*m$|s.*m l.*n</allow-configuration>
                <permissions>control</permissions>
                <permissions>maintenance</permissions>
            </class>
        </login>
    </system>
</configuration>


[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]