Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Restrictions to all privilege user



Article ID: KB6198 KB Last Updated: 21 Jul 2016Version: 5.0
This article provides information about the restrictions applied to an All Privilege user.
The restrictions applied to a admin user with All Privilege Read-Write user rights.


The All Privilege user has almost the same rights as the root user, with the following exceptions:

  1. Cannot upgrade ScreenOS versions from telnet or WebUI.

  2. Cannot manage the root system (with Systems such as NS-500, , NS-1000, and NS-5200/5400 with Virtual Systems configured).

  3. Cannot add/remove/manage other administrator users; but can manage own users.

  4. Cannot remove Virtual Systems.

  5. Cannot create/remove/manage Virtual Routers (VRs).

  6. Cannot create/modify/remove NSRP configurations (including cluster, VSD Groups).

  7. Cannot change settings that will affect other admin users (admin login banner, admin port, ssh version, and so on).

  8. Cannot run snoop detail (see KB11320)

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search