From: Balogh, Jim (jim.balogh@gwl.com)
Date: Tue Nov 01 2005 - 22:49:41 GMT-3
Thx Chris for the response. I was thinking this was a privilege level
task, when in fact I must do the following:
1) create a username (username test password test)
2) under the username, use the autocommand to issue the required
commands (username test autocommand show ip route)
Jim
________________________________
From: Chris Lewis [mailto:chrlewiscsco@yahoo.com]
Sent: Tuesday, November 01, 2005 4:51 PM
To: Balogh, Jim; ccielab@groupstudy.com
Subject: Re: Privilege Levels again....
Have a look in to the autocommand options. It can appear in two places I
know of
1. username SALLY autocommand blah blah
2. under line vty
autocommand blah blah
I'd also suggest getting familiar with the nohangup option, how
autocommand works with and without it.
Chris
"Balogh, Jim" <jim.balogh@gwl.com> wrote:
Is there a way to log off a user immediately after they execute
the
command they were given permission to run? Example: I want a
user to
ONLY do a 'show ip route' on the router and then be logged off:
username test privilege 7 password test
privilege exec level 7 show ip route
First problem....how do I log this user out AFTER they execute
their
command?
Second problem, when I apply this to line vty 0 4, and telnet to
this
router, I am allowed to do ANY 'show ip' command. How can I
restrict
this to just 'show ip route'? TIA.
Jim
This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:04 GMT-3