From: Danny.Andaluz@triaton-na.com
Date: Tue Oct 21 2003 - 16:46:54 GMT-3
Thanks, Brian. I thought you would be able to see everything associated with whatever command you use. Is "show run" the only command that behaves this way? I would have thought that a "sh config" would need the same thing, but I tried it and it worked without moving anything else. Anyway, thanks for the help, everyone.
Danny
-----Original Message-----
From: Brian Dennis [mailto:bdennis@internetworkexpert.com]
Sent: Tuesday, October 21, 2003 3:36 PM
To: Andaluz, Danilo, Triaton/NA
Cc: ccielab@groupstudy.com
Subject: RE: Privilege Level Command
You will only see configuration commands that are level 14. Because configuration commands are by default level 15 you need to move the commands that you want to see in the "show run" down to level 14.
Here is an example:
Rack2R1#conf t
Enter configuration commands, one per line. End with CNTL/Z. Rack2R1(config)#enable secret level 14 cisco Rack2R1(config)#privilege exec level 14 sho run Rack2R1(config)#^Z Rack2R1#en 14 Rack2R1#sho run Building configuration...
Current configuration : 17 bytes
!
!
!
!
!
!
end
Rack2R1#en
Rack2R1#conf t
Enter configuration commands, one per line. End with CNTL/Z. Rack2R1(config)#privilege configure level 14 interface Rack2R1(config)#privilege interface level 14 ip address Rack2R1(config)#^Z Rack2R1#en 14 Rack2R1#sho run Building configuration...
Current configuration : 247 bytes
!
!
!
!
!
interface Loopback0
ip address 150.2.1.1 255.255.255.0
!
interface Loopback1
ip address 172.16.1.2 255.255.255.0
!
interface Ethernet0/0
no ip address
!
interface Serial0/0
no ip address
!
interface Serial0/1
no ip address
!
!
end
Rack2R1#
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security) bdennis@internetworkexpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
---------- Original Message ----------------------------------
From: Danny.Andaluz@triaton-na.com
Date: Tue, 21 Oct 2003 15:23:33 -0400
>That was part of the problem, but now it doesn't show me the whole
>config. Just this small part:
>
>r2 con0 is now available
>
>
>
>
>
>Press RETURN to get started.
>
>
>
>User Access Verification
>
>Username: danny
>Password:
>r2#sh run
>Building configuration...
>
>Current configuration : 13 bytes
>!
>!
>!
>!
>end
>
>r2#sh priv
>Current privilege level is 14
>R2
>
>-----Original Message-----
>From: Brian Dennis [mailto:bdennis@internetworkexpert.com]
>Sent: Tuesday, October 21, 2003 2:46 PM
>To: Andaluz, Danilo, Triaton/NA; ccielab@groupstudy.com
>Subject: RE: Privilege Level Command
>
>
>Try changing it to "show running-config". "show running-configuration"
>is not a valid command.
>
>Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
>bdennis@internetworkexpert.com
>Toll Free: 877-224-8987
>Direct: 775-745-6404 (Outside the US and Canada)
>Internetwork Expert, Inc.
>http://www.InternetworkExpert.com
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Danny.Andaluz@triaton-na.com
>Sent: Tuesday, October 21, 2003 11:17 AM
>To: ccielab@groupstudy.com
>Subject: Privilege Level Command
>
>Hey Group,
>
>privilege exec level 14 show running-configuration
>
>username danny privilege 14 password 0 cisco
>
>How does the above privilege command NOT allow this user to issue this
>command. I would think that using this privilege command makes "show run" a level 14 command. However, it doesn't let me issue the command when I login with username danny. Any ideas?
>
>Thanks,
>Danny
>
>_______________________________________________________________________
>Please help support GroupStudy by purchasing your study materials from:
>http://shop.groupstudy.com
>
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Nov 24 2003 - 07:53:06 GMT-3