This chapter describes the switch management tasks supported on the switch.
Configuring Privilege Levels
Privilege levels restrict access to commands based on user or terminal line.
There are 16 privilege levels, of which three are pre-defined. The default privilege level is 1.
Level
Description
Level 0
Access to the system begins at EXEC mode, and EXEC mode commands are limited to
enable, disable, and exit.
Level 1
Access to the system begins at EXEC mode, and all commands are available.
Level 15
Access to the system begins at EXEC Privilege mode, and all commands are available.
For information about how access and authorization is controlled based on a user's role, see
Role-Based Access
Control.
Creating a Custom Privilege Level
Custom privilege levels start with the default EXEC mode command set. You can then customize privilege
levels 2-14 by:
•
restricting access to an EXEC mode command
•
moving commands from EXEC Privilege to EXEC mode
•
restricting access
A user can access all commands at his privilege level and below.
Removing a Command from EXEC Mode
To remove a command from the list of available commands in EXEC mode for a specific privilege level, use
the privilege exec command from CONFIGURATION mode.
In the command, specify a level greater than the level given to a user or terminal line, then the first keyword
of each command you wish to restrict.
Switch Management
4
Switch Management
63