Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
807
Views
0
Helpful
5
Replies

How to create different usernames with different security level

Steph1963
Level 1
Level 1

‎11-29-2010 02:33 PM - edited ‎03-06-2019 02:16 PM

Hello to all,

I would like to know if it possible to create an account with the username command where the user we log directly into the Privileged Exec Mode. How can we create an account that we log directly into privileged Exec Mode but would not have access to all the commands.

I was only able to create some account where we log into the User Exec mode and we had to used the enable password to have acces to more commands but the problem is that the access was for all command. Should we create more than  one enable secret and assign the secret to user having different security level or there is a way of creating an account that would log directly into the Privileged Exec mode with a limited set of available commands.

Thanks for  your help

Stephane

Labels:
0 Helpful
5 Replies 5

Mohamed Sobair
Level 7
Level 7

‎11-29-2010 02:58 PM

Stephane,

You need to create a user with a specified privelege (for example 7), and then configure the privilege to have special commands for EXEC or CONFIG or Interface Level commands.

Please refer to cisco documentation or feel free to ask if you need further assistance,

HTH

Mohamed

0 Helpful

thilo schueler-mach
Level 1
Level 1

‎11-29-2010 03:21 PM

Hello,

does anybody knows how we can provide different administrative privilege levels for http or https access on catalyst switches for local and radius accounts?

I could only find some documents about http server activating/deactivating.

regards

Thilo

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to thilo schueler-mach

‎11-30-2010 02:33 AM

Stephane,

How can we create an account that we log directly into privileged Exec Mode but would not have access to all the commands

then you can do something like this:

username lol privilege level X secret passlol  where X can be any level from 2 to 14

line con 0

privilege level 15

login local

your user lol will be in privileged mode without knowing enable password but with a privilege of 7 as you will see when issuing show priv

Regards.

Don't forget to rate helpful posts.
0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to thilo schueler-mach

‎11-30-2010 02:51 AM

Thilo,

ip http authentication[enable| local | tacacs]  as you can see there is no radius here.

then look for tacacs authentication in configuration guide for your switch platform.

regards

Don't forget to rate helpful posts.
0 Helpful
Customers Also Viewed These Support Documents