RE: Priviledge commands

From: James.Jackson@broadwing.com
Date: Wed Apr 23 2003 - 21:31:15 GMT-3

• Next message: Charles Church: "RE: 3550"
• Previous message: Stewart, Dirk: "design multicast"
• Maybe in reply to: Jason Cash: "Priviledge commands"
• Next in thread: balaji.balakrishnan: "Re: Priviledge commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You can change the default priv level on the line if that helps... i.e.
on con vs. vty

James

-----Original Message-----
From: Jason Cash [mailto:cash2001@swbell.net]
Sent: Wednesday, April 23, 2003 5:28 PM
To: ccielab@groupstudy.com
Subject: RE: Priviledge commands

Ok this is weird! When I console in with user 'brett' I get an exec
prompt:

r8 con0 is now available
Press RETURN to get started.

User Access Verification

Username: brett
Password:

r8>

But when I telnet in, I get priv. exec prompt!

r7#150.50.5.2
Trying 150.50.5.2 ... Open
User Access Verification

Username: brett
Password:

r8#

Here is the config for r8. Where is the difference between logins
specified. I THOUGHT that 'aaa authentication login default local'
applied to ANY login, including the console, but I am confused now!

hostname r8
!
boot system tftp c2600-jo3s56i-mz.121-19.bin 150.50.7.10
aaa new-model
aaa authentication login default local
aaa authorization exec default local
!
username favre password 0 ipexpert
username brett privilege 8 password 0 favre
!
privilege configure level 8 interface
privilege exec level 8 configure
privilege exec level 8 configure terminal
!
line con 0
 session-timeout 120
 exec-timeout 60 0
 length 30
line aux 0
 transport input all
line vty 0 4
 password cisco
!
end

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jason Cash
Sent: Tuesday, April 22, 2003 10:34 PM
To: ccielab@groupstudy.com
Subject: Priviledge commands

I am having problems with the a task:
"user brett should be able to enter config mode and then int. conf. mode
but no more"

Here is my config:
hostname r6
!
aaa new-model
aaa authentication login default local
aaa authorization exec default local
!
username brett privilege 8 password 0 favre
!
privilege configure level 8 interface
privilege exec level 8 configure
privilege exec level 8 configure terminal
!
end

And here is the capture of the login:

User Access Verification

Username: brett
Password:

r6>conf t
% Invalid input detected at '^' marker.

r6>configure
Translating "configure"

Translating "configure"
% Unknown command or computer name, or unable to find computer address
r6>conf
Translating "conf"

Translating "conf"
% Unknown command or computer name, or unable to find computer address
r6>
 
 As you can see, these commands are not available. Wouldn't one need to
goto enable to even get to 'conf t'? What is missing as this is the
same as the provided solution.

[GroupStudy removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]

• Next message: Charles Church: "RE: 3550"
• Previous message: Stewart, Dirk: "design multicast"
• Maybe in reply to: Jason Cash: "Priviledge commands"
• Next in thread: balaji.balakrishnan: "Re: Priviledge commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:36:04 GMT-3