Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1015
Views
0
Helpful
3
Replies

How to see difference between level 1 and level 15 user?

boe boe
Level 1
Level 1

‎12-10-2014 02:22 AM - edited ‎03-10-2019 10:15 PM

Dear all,

 

Let's say you make two users "bob" and "peter".

Bob has an privilege level of 15 and peter of 1.

So I do:

username bob privilege 15 secret 0 bob

-and-

username peter privilege 1 secret 0 peter

 

Now when I hit "show run" I see:

username bob secret 5 $1$mERr$2jygS30agKvkxKp5BbQlu.

username peter secret 5 $1$mERr$3XPqvFBeRKE8phC35ZpzY.

 

If I make any other user with any privilige level (except 1 and 15) the "show run" will print the level out like this:

username ellen privilege 4 secret 5 $1$mERr$3XPqvFBeRKE8phC35ZpzY.

 

 

So my question is: How can I see if an user is level 1 or level 15?

Labels:
0 Helpful
3 Replies 3

nspasov
Cisco Employee
Cisco Employee

‎12-10-2014 10:56 PM

You can use the "show privilege" command once the user is logged in and that should display the current privilege level assigned to the user.

 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
0 Helpful

mohanak
Cisco Employee
Cisco Employee

‎12-11-2014 02:28 AM

Show Privilege command is used to see the level.

Implementing privilege levels varies depending on the organization's structure and the different job functions that require access to the infrastructure devices.

 

In the case of the USER, which requires default level 1 (Router>) access, no custom privilege level is defined. This is because the default user mode is equivalent to level 1.

 

The SUPPORT account could be assigned a higher level access such as level 5. Level 5 automatically inherits the commands from levels 1 through 4, plus additional commands can be assigned. Keep in mind that when a command is assigned at a specific level, access to that command is taken away from any lower level. For example, to assign level 5 the ping command, use the following command sequence.

 

privilege exec level 5 ping

 

The USER account (level 1) no longer has access to the ping command, because a user must have access to level 5 or higher to perform the ping function.

 

To assign a password to level 5, enter the following command.

 

enable secret level 5 cisco5

 

To access level 5, the password cisco5 must be used.

 

To assign a specific username to privilege level 5, enter the following command.

 

username support privilege 5 secret cisco5

 

A user that logs in under the username support is only able to access privilege level 5, which also inherits privilege level 1.

https://learningnetwork.cisco.com/docs/DOC-15878

0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎12-11-2014 09:02 AM

login and type

Router# show privilege




Current privilege level is 15
0 Helpful
Customers Also Viewed These Support Documents