|
Posted by Doug McIntyre on August 7, 2008, 4:00 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>On an Cisco IOS 12.4 lab router I have defined two users.
>R1(config)#username admin privilege 15 secret cisco
>R1(config)#username john secret cisco
>When I login as admin and run the sh priv command a 15 is returned, no
>surprise. If I login as John and run the sh priv command a 15 is also
>returned, I was surprised.
>Am I interpreting this correctly? If you do not assign a privilege
>level to a username then that user operates at the default privilege
>level. If you are in enable mode that level is 15. So, by not
>defining a privilege level you are in affect granting level 15 access.
These aren't the config lines doing that for you then.
Look in your line vty section for the command that is setting your
default privledge level for all incoming connections.
If your default priv level is the IOS default of 1, then your username
login privleged level will override that. But if the line already sets
priv level 15 when the user comes in, they'll get the over-ridden default..
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map