RE: Privilege level commands

From: jfaure@sztele.com
Date: Sat Aug 02 2003 - 13:53:05 GMT-3

• Next message: Volkov, Dmitry (IDS Canada): "RE: spanning-tree and port priority"
• Previous message: Knut Schubert: "Doc-CD on the Lab"
• Maybe in reply to: jfaure@sztele.com: "Privilege level commands"
• Next in thread: Jonathan V Hays: "RE: Privilege level commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Yes, i have read this before, but there isn't a priviledge "mode" that
specifically applies to "displaying the running config". There are
different modes for interface, configure, exec, line, etc.

I don't see how you can achieve this. I don't totally understand how a
privilege n: x can be "remade" over specific commands. Must i define my own
level 15 "command to command" without including the "show run". In deed
there is not enough granurality to do so or i don't see how to do it.

Regards

Juan Faure Ferrer
email: jfaure@sztele.com

Lmnea de Negocio de Telematica y CC
Ingeniero de Integracisn de Redes y Sistemas
----------------------------------------------------------------------------

SOLUZIONA TELECOMUNICACIONES
Servicios Profesionales de UNION FENOSA
Jerez, 3
28016 MADRID
tel 91 579 30 00 fax 91 350 72 83
---------------------------------------------------------------------------

                                                                                      
                    "Jonathan V
                    Hays" Para: <jfaure@sztele.com>,
                    <jhays@jtan.co <ccielab@groupstudy.com>
                    m> cc:
                    Enviado por: Asunto: RE: Privilege level commands
                    nobody@groupst
                    udy.com
                                                                                      
                                                                                      
                    02/08/03 18:24
                    Por favor,
                    responda a
                    "Jonathan V
                    Hays"
                                                                                      
                                                                                      

Have you already read this?

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
fsecur_c/fothersf/scfpass.htm

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
jfaure@sztele.com
Sent: Saturday, August 02, 2003 9:45 AM
To: ccielab@groupstudy.com
Subject: Privilege level commands

Hi folks:

I'm "playing" with the IOS privilege level issue and i'd like to know if
anyone can help to configure a user that were only capable to execute
all
the show comands, INCLUDING SH RUN, but that he were unable to modify
the
router config. All this must be accomplished NOT USING any way of AAA
that
relay the user rights in a server, this is, only using self IOS router
issues.

I've seen that with privilege 14, the user can't configure the router,
but
he can't do a sh run. Is there any way to add this capability (sh run)
to
the user that has privilege level 14?

Regards

Juan Faure Ferrer
email: jfaure@sztele.com

Lmnea de Negocio de Telematica y CC
Ingeniero de Integracisn de Redes y Sistemas
------------------------------------------------------------------------

----
SOLUZIONA TELECOMUNICACIONES
Servicios Profesionales de UNION FENOSA
Jerez, 3
28016 MADRID
tel 91 579 30 00 fax 91 350 72 83
------------------------------------------------------------------------
---

• Next message: Volkov, Dmitry (IDS Canada): "RE: spanning-tree and port priority"
• Previous message: Knut Schubert: "Doc-CD on the Lab"
• Maybe in reply to: jfaure@sztele.com: "Privilege level commands"
• Next in thread: Jonathan V Hays: "RE: Privilege level commands"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:53:51 GMT-3