Cisco IOS routers normally use two of the 16 supported privilege levels. Specifically, Cisco IOS routers support privilege levels in the range 0 to 15. By default, when you attach to a router, you are in user mode, which has a privilege level of 0. After entering the enable command and providing appropriate credentials, you are moved to privileged mode, which has a privilege level of 15.
However, for a finer granularity of administrative privileges, you can configure privilege levels in the range 1 to 14 using the privilege mode {level level command | reset command} command in global configuration mode. reset is used to reset the privilege level of a command to its original privilege level. To illustrate, Example shows how to configure the debug command to be a privilege level 5 command and how to set the enable secret password for level 5 administrative access.
Configuring a Privilege Level
Router# config term
Router(config)# privilege exec level 5 debug
Router(config)# enable secret level 5 g0od5P@55
Router(config)# end
After additional privilege levels are configured, an administrator can specify the privilege level she wants to change to using the enable level command. For example, for an administrator to switch to the previously configured privilege level of 5, she would enter the enable 5 command. After switching to a privilege level of 5, the administrator would have access to all commands associated not only with privilege level 5, but also all lower privilege levels.
See Also:
biOos
No comments:
Post a Comment