Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Configure read-only user on ASA

Hi,

My customer would like to have read-only access on the ASA , I tried to configure this in the ASDM but the new user has always full access. I configured the user with privilege level 1 ( tried several levels ) but with the same result. Can somebody explain me how I can configure it ?

The user should be specifically for the ASDM and not for the CLI mode .

1 REPLY
Silver

Re: Configure read-only user on ASA

The ASDM has two options. Read only - Showing everything BUT the monitor screen or read/write - The regular admin screens showing all screens. To set for read only, setup a user with a privilege level of 5.

In the ADSM you should find the settings under

Configuration > Features > Device Administration > Administration > AAA Access > Authorization Tab

Authorization lets you control access per user after you authenticate with a valid username and password. You can configure the security appliance to authorize management commands.

Authorization lets you control which services and commands are available to an individual user.

Authentication alone provides the same access to services for all authenticated users.

When you enable command authorization, you have the option of manually assigning privilege levels to individual commands or groups of commands (using the Advanced... button) or enabling the Predefined

User Account Privileges (using the Restore Predefined User Account Privileges button).

The Predefined User Account Privileges Setup panel displays a list of commands and privileges ASDM

issues to the security appliance if you click Yes. Yes allows ASDM to support the three privilege levels: Admin, Read Only and Monitor Only.

The complete explanation can be found in "ASDM Online Help, Release 5.0" at

http://www.cisco.com/application/pdf/en/us/guest/products/ps6121/c1225/ccmigration_09186a008045786c.pdf

490
Views
0
Helpful
1
Replies
CreatePlease login to create content