Cisco PIX 500 Series Configuration Manual page 903
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 40
Managing System Access
Default Command Privilege Levels
By default, the following commands are assigned to privilege level 0. All other commands are at
level 15.
•
•
•
•
•
•
•
•
•
•
•
•
If you move any configure mode commands to a lower level than 15, be sure to move the configure
command to that level as well, otherwise, the user will not be able to enter configuration mode.
To view all privilege levels, see the
Assigning Privilege Levels to Commands and Enabling Authorization
To assign a command to a new privilege level, and enable authorization, follow these steps:
To assign a command to a privilege level, enter the following command:
Step 1
hostname(config)# privilege [show | clear | cmd] level level [mode {enable | cmd}] command
command
Repeat this command for each command you want to reassign.
See the following information about the options in this command:
•
•
OL-12172-03
To configure the local database, see the
RADIUS users—Configure the user with Cisco VSA CVPN3000-Privilege-Level with a value
–
between 0 and 15.
LDAP users—Configure the user with a privilege level between 0 and 15, and then map the
–
LDAP attribute to Cisco VAS CVPN3000-Privilege-Level according to the
Mapping" section on page
show checksum
show curpriv
enable
help
show history
login
logout
pager
show pager
clear pager
quit
show version
show | clear | cmd—These optional keywords let you set the privilege only for the show, clear, or
configure form of the command. The configure form of the command is typically the form that
causes a configuration change, either as the unmodified command (without the show or clear prefix)
or as the no form. If you do not use one of these keywords, all forms of the command are affected.
level level—A level between 0 and 15.
"Configuring the Local Database" section on page
13-14.
"Viewing Command Privilege Levels" section on page
Cisco Security Appliance Command Line Configuration Guide
Configuring AAA for System Administrators
"LDAP Attribute
40-13.
13-7.
40-11
Advertisement
Table of Contents
Troubleshooting
