When we want to perform permission rating management on a Cisco router or switch, it is often necessary to assign different levels of users a command that exceeds the default settings, such as show run, which is the most basic troubleshooting command.
However, the command cannot be executed when your user level is at 0-14. You can assign permissions to these users using the following command:
Privilege EXEC level show Running-config
When the configuration is complete, login level 14
Router>enable 14
Execute Show Run
Router#show Run
Building configuration ...
Current Configuration:55 bytes
!
Boot-start-marker
Boot-end-marker
!
End
----------------------------------------
Well, what's the only point?
This time, if you want to show more, you need to do more configuration. Add the following command:
wxxq01 (config) #privilege Configure level interface
Then look at the output:
Wxxq01#sh Run
Building configuration ...
Current configuration:239 bytes
!
Boot-start-marker
Boot-end-marker
!
Interface ethernet0/0
!
Interface ETHERNET0/1
!
Interface ETHERNET0/2
!
Interface ETHERNET0/3
!
Interface serial1/0
!
Interface SERIAL1/1
!
Interface SERIAL1/2
!
Interface SERIAL1/3
!
!
End
Similarly, if you want to see more interface interface information. Add the following command:
wxxq01 (config) #privilege Configure All Level interface
Wxxq01#sh Run
Building configuration ...
Current configuration:604 bytes
!
Boot-start-marker
Boot-end-marker
。。。。。。。。。。。
Interface ETHERNET0/3
IP address 172.16.11.212 255.255.255.0
Half-duplex
!
。。。
This is what you found, all the contents of interface below are seen. If you only want the user to see the IP address information below the interface. You can set this:
R1 (config) #privilege interface level IP add
If you want to see other information, just add it. Like what:
wxxq01 (config) #privilege configure All level IP//View all commands following the IP command in configure mode.
Try it yourself before you can deepen the impression!
Cisco Router &switch Rights Management: You don't see anything after you use privilege exec level Running-config show