Users and privilege levels

Answered Question
Aug 9th, 2007
User Badges:

I want to create a user on my 1720 so other IT people can log in but have limited privileges. All I really want them to be able to do is see the output of a 'sh int Sx/x' or 'sh service-module' to see if a T1 circuit is down. I have an encrypted secret password which I won't give out so it should keep them from doing an 'enable' but I'm not sure. Any help would be appreciated.

Correct Answer by wochanda about 9 years 11 months ago

line vty 0 4

login local

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
wochanda Thu, 08/09/2007 - 06:47
User Badges:
  • Silver, 250 points or more

Of these 2 commands, only 'show interface' is supported at the disable prompt (>) by default. The easiest way I can think to accommodate both commands is to change the privilege level for the 'show service-module' command. To do that you can configure:

2811-113(config)#privilege exec level 0 show service-module


This will allow you to do the 'show service-module' command from the disable prompt.


If you need to get more advanced with this, you can create different privilege levels and make logins for each. For more about this, look at this link:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00803f3bb7.html

qbakies11 Thu, 08/09/2007 - 07:12
User Badges:

Ok, that was helpful, but I don't see in that document how to get it to prompt for a UN/PW when you connect through telnet. Right now when I telnet in it just prompts me for the telnet password that I have set and not for user credentials. It did let me create users however.

Correct Answer
wochanda Thu, 08/09/2007 - 07:20
User Badges:
  • Silver, 250 points or more

line vty 0 4

login local

Actions

This Discussion