read only user

Unanswered Question
Dec 21st, 2008
User Badges:

We have an administrator that would like to look at our configuration on our cisco 2611 router. What I want to do is create a user that has read-only priviledges on our router so he can take a look, but not change anything. How can I do this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Danilo Dy Mon, 12/22/2008 - 05:36
User Badges:
  • Blue, 1500 points or more

Router# config t

Router(config)# user dumb-admin privilege 3 password password_for_dumb-admin

Router(config)# privilege exec level 3 show startup-config

Router(config)# privilege exec level 3 show running-config

Don't give him/her the enable password.

Richard Burts Mon, 12/22/2008 - 10:52
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


The solution suggested by Dandy is very logical. The suggestion using show startup-config may work as you want it to, but I believe that there is an aspect of show running-config that will cause it to not work as you want. When IOS parses the configuration for show running-config it will not show commands for things that you do not have permission to change. So setting the privilege level of show running-config to 3 would allow the user to execute the command but the results that they see would be a pretty empty config.




This Discussion