Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

configuring en level 5 to see running config

I have set up a level 5 user and a enable level 5 password.

I set priv exec level 5 show running-config

 

I also have AAA default local set.

when I login as enable level5 and do a sh run I get 3 lines of config

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

The issue faced is due to the

The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.

However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.

The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.

 

IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.

 

HTH

"Please rate helpful posts"

3 REPLIES
Silver

The issue faced is due to the

The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.

However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.

The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.

 

IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.

 

HTH

"Please rate helpful posts"

New Member

So if levels 1-14 are custom

So if levels 1-14 are custom and I say priv level 5 sh running-config doesn't that allow level 5 to see running config. I thought I added that the level

New Member

I'm having the same issue as

I'm having the same issue as well. I referred to the information contained here. Below are the privilege levels I've set for 8 and 6, as per the document:

 

privilege configure level 8 interface
privilege exec level 8 configure terminal
privilege exec level 8 configure
privilege exec level 6 show running-config view full
privilege exec level 6 show running-config view
privilege exec level 6 show running-config
privilege exec level 6 show

 

I set the admin user to privilege level 9:

username admin privilege 9

 

When logged in as admin, the "show run" command still show's blank. When checking the "show run" commands available to the admin user, "view full configuration" is there, but still shows blank.  Any advise?:

 

Router#sh run ?
  aaa        Show AAA configurations
  interface  Show interface configuration
  view       View options
  vrf        Show VRF aware configuration
  |          Output modifiers
  <cr>

Router#sh run view ?
  full  Full 'running-configuration'
  |     Output modifiers
  <cr>

Router#sh run view full ?
  |  Output modifiers
  <cr>

Router#sh run view full
Router#show running-config ?
  aaa        Show AAA configurations
  interface  Show interface configuration
  view       View options
  vrf        Show VRF aware configuration
  |          Output modifiers
  <cr>

Router#show running-config view ?
  full  Full 'running-configuration'
  |     Output modifiers
  <cr>

Router#show running-config view full
Router#

 

 

 

 

124
Views
1
Helpful
3
Replies