
privilege interface shutdown

tirumalababu.e
Level 1

Kindly help me configure a lower-privilege user so that they can shut down the Fast Ethernet interfaces of the switches in my LAN.

I have configured a Level 1 user, who has been given access to show interface through the privilege command. Now I would like to give him the interface shutdown option.

Below is the configuration already in my switch, but the user is unable to shut down the interface.

===================================
switch95#sh run | includ privi
* are authorized access and the level of privilege you *
privilege configure level 0 interface
privilege configure level 0 interface all shutdown
privilege exec level 0 ping
privilege exec level 0 traceroute
privilege exec level 0 show vlan
privilege exec level 0 show interface
privilege exec level 0 configure terminal
========================================

6 Replies

mbrown
Level 1

Can you move commands down to level 0? I've always used 1 through 15, and moved commands down from 15 to something like level 3.

-Mason

Looks like you can move commands down to level 0, and here's where it says so:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_r/srprt5/srdpass.htm#wp1017782

'You can use level 0 to specify a subset of commands for specific users or lines. For example, you can allow user "guest" to use only the show users and exit commands.'

There's another passage in the same link that talks about how Level 0 commands don't automatically get allowed for higher levels:

'There are five commands associated with privilege level 0: disable, enable, exit, help, and logout. If you configure AAA authorization for a privilege level greater than 0, these five commands will not be included.'

So maybe that's the issue - that your level 1 user isn't inheriting level 0 command privileges because they don't pass from level 0 to higher levels.

-Mason

Hmm, the priv level 0 isn't supposed to even permit login. I agree with a previous post that you should use privilege 1.

I have tried that at several customers with considerable success.

I can't put this command:

privilege configure level 5 interface all shutdown

Thank you very much.

What is the HW/SW version of the device? If you logged in via privilege level 15 user.

WS-C3650-48TD/IOS-XE Version 03.06.08.E

And could Nexus do this?

Thank you very much.
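
An added example, not part of the thread and not Cisco tooling: a small Python check that reads the `privilege` lines from the original post and reports which step on the path from exec mode through configure mode to interface mode still sits above the user's level. It assumes a local user may run commands at or below their own level and that any command without a `privilege` line stays at level 15; `CANDIDATE_CONFIG` and its `privilege interface level 1 shutdown` line are constructed for illustration.

```python
import re

# Steps a user must pass to shut an interface: (CLI mode, command).
# Assumption: each stays at IOS's default level 15 unless a "privilege" line lowers it.
REQUIRED_CHAIN = [
    ("exec", "configure terminal"),
    ("configure", "interface"),
    ("interface", "shutdown"),
]
DEFAULT_LEVEL = 15

# privilege <mode> [all] level <n> <command>; "all" is accepted but not modelled.
PRIV_RE = re.compile(r"^privilege\s+(\S+)\s+(?:all\s+)?level\s+(\d+)\s+(.+)$")

# The privilege lines posted in the thread (banner line omitted).
THREAD_CONFIG = """\
privilege configure level 0 interface
privilege configure level 0 interface all shutdown
privilege exec level 0 ping
privilege exec level 0 traceroute
privilege exec level 0 show vlan
privilege exec level 0 show interface
privilege exec level 0 configure terminal
"""

# Constructed variant: adds an interface-mode entry (an assumption, not from the thread).
CANDIDATE_CONFIG = THREAD_CONFIG + "privilege interface level 1 shutdown\n"


def parse_privilege_lines(config_text):
    """Return {(mode, command): level} for every 'privilege' line."""
    table = {}
    for raw in config_text.splitlines():
        m = PRIV_RE.match(raw.strip())
        if m:
            mode, level, command = m.groups()
            table[(mode, " ".join(command.split()))] = int(level)
    return table


def blocked_steps(config_text, user_level):
    """List (mode, command, level) for each step whose level exceeds the user's."""
    table = parse_privilege_lines(config_text)
    return [(mode, cmd, table.get((mode, cmd), DEFAULT_LEVEL))
            for mode, cmd in REQUIRED_CHAIN
            if table.get((mode, cmd), DEFAULT_LEVEL) > user_level]


if __name__ == "__main__":
    print(blocked_steps(THREAD_CONFIG, 1))     # steps still above level 1
    print(blocked_steps(CANDIDATE_CONFIG, 1))  # steps left after the added line
```

Matching is exact on mode and command string, so keyword abbreviations and the sub-option expansion of `all` are outside what this check covers.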