GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: IOS privileges for helpdesk posted 11/03/2008
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


If you look at my config, you'll see username helpdesk priviledge 2. It does
not matter what priv level I define, the user will be logged in at priv 1.

Any way to workaround this?

On Mon, Nov 3, 2008 at 3:36 PM, Frank Gusky <frank9990@xxxxxxxxx> wrote:

> You can define the commands the helpdesk people can use for a priv level of
> 2 w/out giving them the enable p/w.
>
> -----Original Message-----
> From: nobody@xxxxxxxxxxxxxx [mailto:nobody@xxxxxxxxxxxxxx] On Behalf Of
> darth router
> Sent: Monday, November 03, 2008 3:58 PM
> To: ccie forum
> Subject: IOS privileges for helpdesk
>
>  fellas/ladies,
>
> Few questions on this.
> 1. with the below config, can I get this to work somehow ? I do not want to
> get rid of the enable pass. It will not work with the current config.
> 2. is there a way to have more than 1 enable pass with a diff priv level
> set
> for helpdesk (haven't been able to get this to work)
> 3. Is there a way to clear all commands from a privilege level, mtrace,
> ping, etc...? I can see in the doc CD how to add, but not remove default
> commands.
>
>
>
> aaa authentication login default local line
> aaa authentication enable default enable
>
>
> enable secret cisco
>
> username admin password cisco
> username helpdesk priviledge 2
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html