https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533918#M616169 <P>I know in the cli I can put different commands in different privilege classes but is there a way to accomplish the same thing in ASDM so say an ASDM user can see things but not alter.&nbsp; thx again</P> Mon, 11 Mar 2019 19:10:42 GMT whanson 2019-03-11T19:10:42Z https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533918#M616169 <P>I know in the cli I can put different commands in different privilege classes but is there a way to accomplish the same thing in ASDM so say an ASDM user can see things but not alter.&nbsp; thx again</P> Mon, 11 Mar 2019 19:10:42 GMT https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533918#M616169 whanson 2019-03-11T19:10:42Z https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533919#M616173 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Yes, this is all handled under the Configuration &gt; Device Management &gt; Users/AAA &gt; AAA Access &gt; Authorization section.</P><P></P><P>Here is the ASDM configuration guide for this, which should get you started:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/access_management.html#wp1145571">http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/access_management.html#wp1145571</A></P><P></P><P>Let us know if you have any questions about the configuration.</P><P></P><P>-Mike</P></BODY></HTML> Wed, 17 Nov 2010 17:13:04 GMT https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533919#M616173 mirober2 2010-11-17T17:13:04Z https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533920#M616175 <HTML><HEAD></HEAD><BODY><P>Thanks as always but just want to make sure that ASDM can be restricted based on local user and doesn't require RADIUS.</P><P></P><P>Bill</P></BODY></HTML> Wed, 17 Nov 2010 19:11:17 GMT https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533920#M616175 whanson 2010-11-17T19:11:17Z https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533921#M616177 <HTML><HEAD></HEAD><BODY><P>Hi Bill,</P><P></P><P>Yes, it does support using the LOCAL database and does not require RADIUS. When you enable command authorization, just select LOCAL from the service group drop-down menu and it will check the privilege level against the local user database.</P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Wed, 17 Nov 2010 19:30:50 GMT https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533921#M616177 mirober2 2010-11-17T19:30:50Z https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533922#M616179 <HTML><HEAD></HEAD><BODY><P>Thanks again</P></BODY></HTML> Thu, 18 Nov 2010 00:06:43 GMT https://community.cisco.com/t5/network-security/asdm-levels-of-access/m-p/1533922#M616179 whanson 2010-11-18T00:06:43Z