04-23-2014 01:35 PM - edited 03-10-2019 09:39 PM
I have set up a level 5 user and a enable level 5 password.
I set priv exec level 5 show running-config
I also have AAA default local set.
when I login as enable level5 and do a sh run I get 3 lines of config
Solved! Go to Solution.
04-24-2014 04:10 AM
The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.
However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.
The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.
IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.
HTH
"Please rate helpful posts"
04-24-2014 04:10 AM
The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.
However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.
The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.
IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.
HTH
"Please rate helpful posts"
04-24-2014 08:00 AM
So if levels 1-14 are custom and I say priv level 5 sh running-config doesn't that allow level 5 to see running config. I thought I added that the level
10-02-2014 09:01 AM
I'm having the same issue as well. I referred to the information contained here. Below are the privilege levels I've set for 8 and 6, as per the document:
privilege configure level 8 interface
privilege exec level 8 configure terminal
privilege exec level 8 configure
privilege exec level 6 show running-config view full
privilege exec level 6 show running-config view
privilege exec level 6 show running-config
privilege exec level 6 show
I set the admin user to privilege level 9:
username admin privilege 9
When logged in as admin, the "show run" command still show's blank. When checking the "show run" commands available to the admin user, "view full configuration" is there, but still shows blank. Any advise?:
Router#sh run ?
aaa Show AAA configurations
interface Show interface configuration
view View options
vrf Show VRF aware configuration
| Output modifiers
<cr>
Router#sh run view ?
full Full 'running-configuration'
| Output modifiers
<cr>
Router#sh run view full ?
| Output modifiers
<cr>
Router#sh run view full
Router#show running-config ?
aaa Show AAA configurations
interface Show interface configuration
view View options
vrf Show VRF aware configuration
| Output modifiers
<cr>
Router#show running-config view ?
full Full 'running-configuration'
| Output modifiers
<cr>
Router#show running-config view full
Router#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide