6500's privileges to tech's

Unanswered Question
Jun 23rd, 2008
User Badges:

Hi all,


Wondering how to implement this:

I have a few techs that need access to the switches to view port configurations.

Although I DO NOT want to give them the enable password.


How can I setup a differente enable password and give them only VIEW (a.k.a. Show) capabilities?


Thanks for your help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pipsadmin Mon, 06/23/2008 - 06:06
User Badges:

If the Tech's know what the Enabled password is, is there a way to block them from actualy typing 'enable' ?

Collin Clark Mon, 06/23/2008 - 06:08
User Badges:
  • Purple, 4500 points or more

Yes, well actually they can type it, but they will get an error back.


*There are multiple ways to configure privilege levels and depending on how YOU do it, will depends on the results.

pipsadmin Mon, 06/23/2008 - 06:36
User Badges:

ok, can't seem to figure out how to restrict access to the 'enable' ...


I have a username created with privilege level 2, I dont want him to be able to enter enable as he knows the enabled password...


How do I do this?


I only want this user to do show commands... that's it.

Collin Clark Mon, 06/23/2008 - 06:41
User Badges:
  • Purple, 4500 points or more

In AAA you need to configure Authorization. If you want to use local authentication and privilege levels, you have to "move" the commands to level 2 and then change the enable password.

Actions

This Discussion