Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to create different usernames with different security level

Hello to all,

I would like to know if it possible to create an account with the username command where the user we log directly into the Privileged Exec Mode. How can we create an account that we log directly into privileged Exec Mode but would not have access to all the commands.

I was only able to create some account where we log into the User Exec mode and we had to used the enable password to have acces to more commands but the problem is that the access was for all command. Should we create more than  one enable secret and assign the secret to user having different security level or there is a way of creating an account that would log directly into the Privileged Exec mode with a limited set of available commands.

Thanks for  your help

Stephane

5 REPLIES

Re: How to create different usernames with different security le

Re: How to create different usernames with different security le

Stephane,

You need to create a user with a specified privelege (for example 7), and then configure the privilege to have special commands for EXEC or CONFIG or Interface Level commands.

Please refer to cisco documentation or feel free to ask if you need further assistance,

HTH

Mohamed

Re: How to create different usernames with different security le

Hello,

does anybody knows how we can provide different administrative privilege levels for http or https access on catalyst switches for local and radius accounts?

I could only find some documents about http server activating/deactivating.

regards

Thilo

Purple

Re: How to create different usernames with different security le

Stephane,

How can we create an account that we log directly into privileged Exec Mode but would not have access to all the commands

then you can do something like this:

username lol privilege level X secret passlol  where X can be any level from 2 to 14

line con 0

privilege level 15

login local

your user lol will be in privileged mode without knowing enable password but with a privilege of 7 as you will see when issuing show priv

Regards.

Don't forget to rate helpful posts.
Purple

Re: How to create different usernames with different security le

Thilo,

ip http authentication[enable| local | tacacs]  as you can see there is no radius here.

then look for tacacs authentication in configuration guide for your switch platform.

regards

Don't forget to rate helpful posts.
203
Views
0
Helpful
5
Replies
CreatePlease login to create content