Not sure if anyone has run in to this before, but I am trying to figure out a way to prevent certain items in the running config from displaying.
Here is the situation that I am dealing with:
Using ACS v3.3 to authenticate engineers on network devices, primarily switches. At the same time there is a local username/password for local switch authentication in case of network/ACS unavailability. I am trying to prevent other individuals from viewing the hashed local username/password (since it can be decrypted in seconds) and add or modify existing local users on the network devices. At the same time, I would like those network engineers to be able to view other parts of the running or startup configs and make changes.