11-24-2011 06:07 PM - edited 03-07-2019 03:35 AM
Hi all,
i know you can create a pacific
user ie:
uername ( username) password ( password)
is there away to see a pacific priv exec password for that user?
ie enable secret ( password) but for the pacific user?
11-24-2011 06:17 PM
Hi,
There is no option to specify a user name after enable secret:
have a look:
Switch(config)#enable secret cisco ?
LINE
Switch(config)#enable secret cisco
HTH
11-24-2011 07:12 PM
Sorry I don't have more info, but some versions will allow specifying a privilege level per user. I believe TACACS will also enable even more granular control over which commands each user can access. Not sure if that helps.
11-24-2011 10:15 PM
thanks guys, yea i thought the only way was to set the username and password to the device just checking.
as i have a customer who wants a username and password plus when the user logs in they are asked for an exec password, but as it is only a globaly configured command i will not be able ot do it.
11-26-2011 06:54 PM
Scott
As far as I know the closest that you can come to having a unique password per user for access to privilege mode is to use something like TACACS to authenticate to privilege mode. With user IDs configured in TACACS you can specify what users do get access to privilege mode and what users do not get access to privilege mode. And when a user attempts to get into privilege mode the request is sent to TACACS for authentication and the user must use their own password (which is unique) rather than using a shared enable secret password.
HTH
Rick
11-26-2011 07:17 PM
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
That link should help you out.
11-26-2011 07:23 PM
try this: http://tacacs.net/default.asp
I believe this is free.
11-28-2011 12:44 PM
You can use a TACACS or a RADIUS server as described above to set a Password per username/level, but without going that far you could just use one of the following:
1- You can just configure your Privilege levels with the commands you want the users to have access to, and then set a different enable secret for each privilege
2- Configure "Views", with this way you can make each view like usernames and set a different password to each View while allowing all of them to have access to the same commands
Or go with the TACACS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide