From: Ahmed Al-Ghawas (ghawas@batelco.com.bh)
Date: Mon Sep 02 2002 - 03:27:11 GMT-3
Try using privilege 0 instead of 1 and then enable the commands you require
at that level
HTH
Ahmed
----- Original Message -----
From: "Omer Ansari" <omer@ansari.com>
To: <ccielab@groupstudy.com>
Sent: Monday, September 02, 2002 3:59 AM
Subject: privelege level to allow only "show" commands
> All,
>
> doing a lab where theres a requirement to set a privelege level to only
> allow show commands.
>
> researched the archive, as well as tried a few iterations, but even for
> level1 i end up getting all sort of options other than show:
>
> R1(config)#username cisco privilege 1 nopassword
>
> R1#sr | inc (user|priv)
> username cisco nopassword
> privilege exec level 1 show
>
>
> then i try to telnet in remotely.
>
> R9#telnet 1.1.1.1
> ...
> Username: cisco
> R1>?
> Exec commands:
> <1-99> Session number to resume
> access-enable Create a temporary Access-List entry
> access-profile Apply user-profile to interface
> clear Reset functions
> ...
>
>
> I still have a choice of all the other commands as you can see..
>
>
> how can i configure R1, so that when I log in I get only this:
>
> R1>?
> Exec commands:
>
> show Show running system information
> exit ..
> [and other mandatory level0 commands]
>
> R1>
>
>
>
> regards,
> Omer
> _________________________________________________________________
> Commercial lab list: http://www.groupstudy.com/list/commercial.html
> Please discuss commercial lab solutions on this list.
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:41 GMT-3