I think, you need to configure "privilege level 15" under the vty line.
The privilege level that you associate with the username might be used for backup, if the parserv view is not configured for the user. With regards Kings On Thu, Dec 3, 2009 at 4:39 PM, Badar Farooq <[email protected]> wrote: > Here is what I am trying to do > I am creating two users ADMIN and Operator. ADMIN has all the rights and > for OPERATOR i am restricting the access through role based CLI using a view > HTTP. > I am using local authentication and authorization, placing both users at > privilege level 15 and placing OPERATOR in view HTTP. > When I login using the OPERATOR, instead of being placed at exec (priv 15) > I am placed at priv level 0. If i enable here, I am given level 15 un > restricted access. > > What am i doing wrong. > Here is the config > > aaa authentication login default none > aaa authentication login VTY local > aaa authorization exec VTY local > ! > username ADMIN privilege 15 password 0 CISCO > username OPERATOR privilege 15 view HTTP password 0 CISCO > ! > line vty 0 4 > password cisco > authorization exec VTY > login authentication VTY > transport input ssh > ! > parser view HTTP > secret 5 $1$WpiY$Xj9az9zBmG5nWyN7sdUkK. > commands configure include all ip http > commands configure include ip > commands exec include configure terminal > commands exec include configure > ! > > > And here is my issue > > Rack1R5#ssh -l OPERATOR 150.1.4.4 > > Password: > > Rack1R4> > > (Note here.... i am not in priv lev 15) > > if I enable here I go out of the view and have all the access > > shouldn't I be placed in exec mode but in restricted view... > > With other user, i am directly placed in exec > Rack1R5#ssh -l ADMIN 150.1.4.4 > > Password: > > Rack1R4# > > Any help will be appreciated > > > Regards > Badar Farooq > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
