Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2099
Views
5
Helpful
7
Replies

per user priv exec password

Scott O'Brien
Level 1
Level 1

‎11-24-2011 06:07 PM - edited ‎03-07-2019 03:35 AM

Hi all,

i know you can create a pacific

user ie:

uername ( username) password ( password)

is there away to see a pacific priv exec password for that user?

ie enable secret ( password) but for the pacific user? 

Labels:
0 Helpful
7 Replies 7

Reza Sharifi
Hall of Fame
Hall of Fame

‎11-24-2011 06:17 PM

Hi,

There is no option to specify a user name after enable secret:

have a look:

Switch(config)#enable secret cisco ?

LINE   

Switch(config)#enable secret cisco

HTH

0 Helpful

Edwin Summers
Level 3
Level 3

‎11-24-2011 07:12 PM

Sorry I don't have more info, but some versions will allow specifying a privilege level per user.  I believe TACACS will also enable even more granular control over which commands each user can access. Not sure if that helps.

0 Helpful

Scott O'Brien
Level 1
Level 1
In response to Edwin Summers

‎11-24-2011 10:15 PM

thanks guys, yea i thought the only way was to set the username and password to the device just checking.

as i have a customer who wants a username and password plus when the user logs in they are asked for an exec password, but as it is only a globaly configured command i will not be able ot do it.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Scott O'Brien

‎11-26-2011 06:54 PM

Scott

As far as I know the closest that you can come to having a unique password per user for access to privilege mode is to use something like TACACS to authenticate to privilege mode. With user IDs configured in TACACS you can specify what users do get access to privilege mode and what users do not get access to privilege mode. And when a user attempts to get into privilege mode the request is sent to TACACS for authentication and the user must use their own password (which is unique) rather than using a shared enable secret password.

HTH

Rick

HTH

Rick
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to JohnTylerPearce

‎11-26-2011 07:23 PM

try this:  http://tacacs.net/default.asp

I believe this is free.

eduardopozo56
Level 1
Level 1

‎11-28-2011 12:44 PM

You can use a TACACS or a RADIUS server as described above to set a Password per username/level, but without going that far you could just use one of the following:

1- You can just configure your Privilege levels with the commands you want the users to have access to, and then set a different enable secret for each privilege

2- Configure "Views", with this way you can make each view like usernames and set a different password to each View while allowing all of them to have access to the same commands

Or go with the TACACS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card