Permitting Or Denying Commands For Users Of Privilege Roles - Cisco Nexus 9000 Series Configuration Manual
Nx-os security configuration guide, release 9.x
Hide thumbs
Also See for Nexus 9000 Series:
- Configuration manual (276 pages) ,
- Troubleshooting manual (126 pages) ,
- Quick start configuration manual (6 pages)
Table of Contents
Advertisement
Permitting or Denying Commands for Users of Privilege Roles
Command or Action
switch(config)# copy running-config
startup-config
Step 7
exit
Example:
switch(config)# exit
switch#
Step 8
enable level
Example:
switch# enable 15
Related Topics
Permitting or Denying Commands for Users of Privilege Roles
As a network administrator, you can modify the privilege roles to permit users to execute specific commands
or to prevent users from running those commands.
You must follow these guidelines when changing the rules of privilege roles:
• You cannot modify the priv-14 and priv-15 roles.
• You can add deny rules only to the priv-0 role.
• These commands are always permitted for the priv-0 role: configure, copy, dir, enable, ping, show,
SUMMARY STEPS
1. configure terminal
2. [no] role name priv-n
3. rule number {deny | permit} command command-string
4. exit
5. (Optional) copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
96
Permitting or Denying Commands for Users of Privilege
Creating User Roles and
Rules, on page 162
ssh, telnet, terminal, traceroute, end, and exit.
Purpose
Exits global configuration mode.
Enables a user to move to a higher privilege level. This
command prompts for the secret password. The level
argument specifies the privilege level to which the user is
granted access. The only available level is 15.
Roles, on page 96
Purpose
Enters global configuration mode.
Configuring TACACS+
- Quick Links:
- Radius and Tacacs+ Security Protocols
Hide quick links:
Advertisement
Table of Contents
