cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
350
Views
0
Helpful
4
Replies

configuring sh runn in lower priveldge??

vikasj
Level 1
Level 1

I want to create a user who has the access to sh running config and extended ping but can not modify the config. How to do that? I have tried with 'priviledge exec level 10 more system:running-config' but after that in 'show runn' the output is blank.

4 Replies 4

ywadhavk
Cisco Employee
Cisco Employee

Hi,

Is the user login in at the proper privilege level? If the command is set at level 10, then the user can login at priv level 10 by entering

enable 10

example:

enable password level 10 pswd10

privilege exec level 10 clear line

More info on this link;

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fothersf/scfpass.htm#23545

Hope this helps.

Thanks.

yatin

Also, did you turn on AAA authorization? Try configuring the below on this router;

aaa new-model

aaa authentication login default group tacacs local

aaa authorization exec default group tacacs local

username abc privilege 2 password abc

username boss priv 15 password boss

privilege exec level 2 show running-config

More info on the 'sh runn' command issues;

http://www.cisco.com/warp/public/63/showrun.shtml

Thanks,

yatin

After this router accepts sh runn command but shows nothing in configuration.

As per the following link it can not be done. Am I right?

http://www.cisco.com/en/US/tech/tk583/tk642/technologies_tech_note09186a00800949d5.shtml

Thanks,

Hi,

Please refer to the following URL for work-around.

http://www.cisco.com/warp/public/63/showrun.shtml

Thanks,

Mynul

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: