05-24-2019 07:47 AM
Hello guys;
I am trying to set up read-only access for a group of users on a Cisco Nexus switch N5K-C5548UP, system version 7.0(5)N1(1).
The selected Active Directory group is able to authenticate through ACS with read-only access, but show running-config, which is required, is not available under their privilege level.
How can we set up the availability of show running-config for read-only users on NX-OS?
Thanks for your support.
Regards,
05-24-2019 08:17 AM - edited 05-24-2019 08:17 AM
Depends on how your network policies are set up.
Under policy elements you can set up command sets for the users (attached image for reference).
I have admin and network viewers in AD groups separately.
05-24-2019 08:26 AM
Hi;
Yes. I have set up command sets for read-only users. On a Nexus 5K version 7.0(5)N1(1) it works, but not on a Nexus 9000 C9332PQ version 7.0(3)I7(3).
On the Nexus 5K I can show the running config for read-only users (vdc operator), but on the Nexus 9000 there is no show running-config for the read-only user (roles: vdc-operator).