08-24-2021 09:08 PM
How should I configure my IOS switch to let local user with privilege 1 to change their own password? Thank you!
Solved! Go to Solution.
08-31-2021 05:17 AM
Sweet. As expected. The hope here would be the priv 1 user only knows his user name (I know not the best idea), but the solution provided does work. IMHO you should seek to use some sort of external authentication provider via ISE/AD/LDAP/etc. Then you would not have to worry about this run config modification. Your last option would be to have the user work with the net admin and have him manually set the pw for this priv 1 user. Cheers.
08-26-2021 09:04 AM - edited 08-26-2021 10:22 AM
FYSA Level 1 = Read-only, and access to limited commands. You can't make any changes or view the running configuration file by default.
However, you have the ability to add commands. For your scenario add the following to run-config:
#privilege exec level 1 configure terminal
#privilege configure level 1 username <your level 1 username> password
Then with the priv 1 user test the following:
>configure terminal
(config)>username <your level 1 username> password <NEW PASSWORD>
(config)>exit
>exit
Login with same priv 1 user and new PASS
Let us know result
08-30-2021 06:38 PM
Dear Mike,
#privilege configure level 1 username <your level 1 username> password
I tested your commands, I found if I configure above command, the level user would be able to change his own password and other users' password. The level 1 user would have the full right for the command <username> . If I perform "show run" after configured the command above, the running config output would only have "privilege configure level 1 username"
08-31-2021 05:17 AM
Sweet. As expected. The hope here would be the priv 1 user only knows his user name (I know not the best idea), but the solution provided does work. IMHO you should seek to use some sort of external authentication provider via ISE/AD/LDAP/etc. Then you would not have to worry about this run config modification. Your last option would be to have the user work with the net admin and have him manually set the pw for this priv 1 user. Cheers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide