04-23-2014 01:35 PM - edited 03-10-2019 09:39 PM
I have set up a level 5 user and a enable level 5 password.
I set priv exec level 5 show running-config
I also have AAA default local set.
when I login as enable level5 and do a sh run I get 3 lines of config
Solved! Go to Solution.
04-24-2014 04:10 AM
The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.
However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.
The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.
IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.
HTH
"Please rate helpful posts"
04-24-2014 04:10 AM
The issue faced is due to the design of the IOS. We can lower down the privilege levels of all the configuration and exec mode commands.
However, the show run will only display the configuration of all of the commands that the current user is able to modify. In other words, all the commands at or below the user's current privilege level.
The show run/write terminal command should not display commands above the user's current privilege level because of security considerations.
IOS Privilege Levels Cannot See Complete Running Configuration. Refer this document.
HTH
"Please rate helpful posts"
04-24-2014 08:00 AM
So if levels 1-14 are custom and I say priv level 5 sh running-config doesn't that allow level 5 to see running config. I thought I added that the level
10-02-2014 09:01 AM
I'm having the same issue as well. I referred to the information contained here. Below are the privilege levels I've set for 8 and 6, as per the document:
privilege configure level 8 interface
privilege exec level 8 configure terminal
privilege exec level 8 configure
privilege exec level 6 show running-config view full
privilege exec level 6 show running-config view
privilege exec level 6 show running-config
privilege exec level 6 show
I set the admin user to privilege level 9:
username admin privilege 9
When logged in as admin, the "show run" command still show's blank. When checking the "show run" commands available to the admin user, "view full configuration" is there, but still shows blank. Any advise?:
Router#sh run ?
aaa Show AAA configurations
interface Show interface configuration
view View options
vrf Show VRF aware configuration
| Output modifiers
<cr>
Router#sh run view ?
full Full 'running-configuration'
| Output modifiers
<cr>
Router#sh run view full ?
| Output modifiers
<cr>
Router#sh run view full
Router#show running-config ?
aaa Show AAA configurations
interface Show interface configuration
view View options
vrf Show VRF aware configuration
| Output modifiers
<cr>
Router#show running-config view ?
full Full 'running-configuration'
| Output modifiers
<cr>
Router#show running-config view full
Router#
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: