cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
78
Views
0
Helpful
0
Replies
Beginner

Local Authorization - Privilege levels

Hi,

 

I have created a read only user who should have access to show commands and show running configuration.

The user has level 6 privilege. Following configuration is done on the router for local authorization . User gets authenticated with external AAA and AAA is returning the privilege level 6 . 

LAB-G2-R5#sh run | in privilege

privilege configure level 6 router
privilege configure level 6 interface
privilege configure level 6 ip
privilege configure level 6 ip address
privilege configure level 6 line
privilege configure level 6 vrf
privilege configure level 6 ip vrf
privilege configure level 6 class-map
privilege configure level 6 policy-map
privilege configure level 6 mpls
privilege exec level 15 enable
privilege exec level 6 show interface
privilege exec level 6 show ip address
privilege exec level 6 show run
LAB-G2-R5#

Is there any way to configure local authorization for this purpose instead of giving all these commands?

The user should not be able to enter enable, debug etc.

 

Thanks

Nimmi 

Everyone's tags (1)
CreatePlease to create content
Content for Community-Ad