12-21-2008 05:40 PM
We have an administrator that would like to look at our configuration on our cisco 2611 router. What I want to do is create a user that has read-only priviledges on our router so he can take a look, but not change anything. How can I do this?
12-22-2008 05:36 AM
Router# config t
Router(config)# user dumb-admin privilege 3 password password_for_dumb-admin
Router(config)# privilege exec level 3 show startup-config
Router(config)# privilege exec level 3 show running-config
Don't give him/her the enable password.
12-22-2008 10:52 AM
Leandro
The solution suggested by Dandy is very logical. The suggestion using show startup-config may work as you want it to, but I believe that there is an aspect of show running-config that will cause it to not work as you want. When IOS parses the configuration for show running-config it will not show commands for things that you do not have permission to change. So setting the privilege level of show running-config to 3 would allow the user to execute the command but the results that they see would be a pretty empty config.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide