I have created a CCT that updates passwords on all our devices and it works great for Cisco. The problem I am running into is with Juniper devices. When changing the password of a local user, such as the root password, the command is interactive, in that it asks you to enter the new password twice. Since JUNOS runs over a modified base FreeBSD kernel, updating the root password is similar to updating a password on a Linux/Unix server. Here's what the router outputs during a normal password change session:
[edit] user@router# set system root-authentication plain-text-password New password: Retype new password:
Lines 3 and 4 above are where the new password is entered. The interaction works fine with both a command script in NCM and a simple copy and paste in the CLI. The CCT doesn't seem to work, though, as the password ends up changing, but I'm not sure what it's changing to. Here's my script and the NCM debug session (scrubbed) follows.
if (Node.Vendor == 'Juniper Networks, Inc.') { CLI { configure set system root-authentication password @NewPassword @NewPassword commit and-quit }
}
user@router> set cli complete-on-space off set cli complete-on-space off Disabling complete-on-space user@router> set cli screen-width 0 set cli screen-width 0 Screen width set to 0 user@router> set cli screen-length 0 set cli screen-length 0 Screen length set to 0 user@router> configure configure Entering configuration mode Users currently editing the configuration: user terminal p1 (pid 84138) on since 2014-10-20 11:13:13 EDT, idle 00:08:23 [edit] [edit] user@router# set system root-authentication plain-text-password set system root-authentication plain-text-password New password: <newpassword> Retype new password: <newpassword> [edit] user@router# commit and-quit commit and-quit commit complete Exiting configuration mode user@router>