cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
395
Views
0
Helpful
2
Replies

Restricting User Privilege

mcam
Level 1
Level 1

Hello,

With a username (level user) and restrictions with dir-access & restrict commands on a CSS, the command "sh run" is always authorized.

Is there anybody that knows how to prohibit this command ?

Thanks for your help.

2 Replies 2

Gilles Dufour
Cisco Employee
Cisco Employee

if you have the commmand 'tacacs authorize non-config' it should request authorization for this command.

Then you have to make sure your tacas server restrict access to this command.

Gilles.

Thanks for your answer.

But if the username is local (with user privilege), without using a radius or tacacs+ server, how to prohibit the "sh run" command. I don't want that my customer sees the configuration.

Thanks for your help.

Review Cisco Networking for a $25 gift card