08-09-2007 06:39 AM - edited 03-03-2019 06:15 PM
I want to create a user on my 1720 so other IT people can log in but have limited privileges. All I really want them to be able to do is see the output of a 'sh int Sx/x' or 'sh service-module' to see if a T1 circuit is down. I have an encrypted secret password which I won't give out so it should keep them from doing an 'enable' but I'm not sure. Any help would be appreciated.
Solved! Go to Solution.
08-09-2007 07:20 AM
08-09-2007 06:47 AM
Of these 2 commands, only 'show interface' is supported at the disable prompt (>) by default. The easiest way I can think to accommodate both commands is to change the privilege level for the 'show service-module' command. To do that you can configure:
2811-113(config)#privilege exec level 0 show service-module
This will allow you to do the 'show service-module' command from the disable prompt.
If you need to get more advanced with this, you can create different privilege levels and make logins for each. For more about this, look at this link:
http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00803f3bb7.html
08-09-2007 07:12 AM
Ok, that was helpful, but I don't see in that document how to get it to prompt for a UN/PW when you connect through telnet. Right now when I telnet in it just prompts me for the telnet password that I have set and not for user credentials. It did let me create users however.
08-09-2007 07:20 AM
line vty 0 4
login local
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: