×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

configuring sh runn in lower priveldge??

Unanswered Question
Jun 3rd, 2003
User Badges:

I want to create a user who has the access to sh running config and extended ping but can not modify the config. How to do that? I have tried with 'priviledge exec level 10 more system:running-config' but after that in 'show runn' the output is blank.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ywadhavk Tue, 06/03/2003 - 11:17
User Badges:
  • Cisco Employee,

Hi,

Is the user login in at the proper privilege level? If the command is set at level 10, then the user can login at priv level 10 by entering

enable 10


example:


enable password level 10 pswd10

privilege exec level 10 clear line


More info on this link;

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fothersf/scfpass.htm#23545


Hope this helps.


Thanks.

yatin

ywadhavk Tue, 06/03/2003 - 11:32
User Badges:
  • Cisco Employee,


Also, did you turn on AAA authorization? Try configuring the below on this router;


aaa new-model

aaa authentication login default group tacacs local

aaa authorization exec default group tacacs local


username abc privilege 2 password abc

username boss priv 15 password boss


privilege exec level 2 show running-config


More info on the 'sh runn' command issues;

http://www.cisco.com/warp/public/63/showrun.shtml


Thanks,

yatin


Actions

This Discussion