Hi all, this may seem a bit stupid question but i am confused with the wordings presented on cisco docs and ppl referring here. What is meant by "moving" commands between priv levels ?
username admin priv 7 pass cisco
privilege exec level 7 show running-config
Now what this command does is to allow sh run in priv 7 which is not there by default.. so its copying isnt it ? why we call it moving ? i check by going to priv 15 command and show run was still there !!!. I tried it with some other command lets say configure terminal. This makes it way to priv 7 but it was also present in priv 15. So why we call it "moving" ? pls i am not arguing just want to make sure that i get this straight :-). Is there anything i am missing ?
I think the "moving" terminology is confusing, but here is what they must mean:
By default, you should be able to access commands at your level and BELOW.
So you move the "show runnning-config" down to level 7 with the command you issued above.
Now Level 7 and above users may use the command.
The problem with that command is that it references a bunch of other commands "within the output" of show running-config. I bet when you login as level 7 and issue "sh run" that the config will be missing huge chunks of data if not everything.
The easiest way to accomplish the "sh run" command is to have ACS. You would give that user level 15 access and then restrict them to issuing just the "sh run" command.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :