Seems you are in the view still. What does "show privilege" print?
With regards Kings On Wed, Jan 18, 2012 at 8:03 PM, <[email protected]> wrote: > Hi, Eugene and Piotr; > > I may be missing something, here, but my understanding is that there are, > in effect, 4 levels of privilege: > > privilege level 0 > privilege level 1 > privelege level 15 > ALL OTHER privilege levels, i.e., privilege levels 2 - 14 > > This last group of privilege levels are all NOT heirarchical, but rather > intended to allow admins to customize AAA settings/values. > > Perhaps, your alluding to privilege 2 is not/was not - intended to > suggested heirarchy, but rather this customizable aspect of those levels (2 > - 14).... Is so, then I apologize ... but just wanted to check. > > Thank you. > > Sincerely, > > Joshua Dughi > [email protected] > Tel. 307-752-5891 > > --- On *Tue, 1/17/12, Piotr Kaluzny <[email protected]>* wrote: > > > From: Piotr Kaluzny <[email protected]> > Subject: Re: [OSL | CCIE_Security] Role-Based CLI. > To: "Eugene Pefti" <[email protected]> > Cc: "CCIE Security Maillist" <[email protected]> > Date: Tuesday, January 17, 2012, 12:17 PM > > Eugene, > > Did you enable shell (execution shell) authorization? Also if you want to > see the "#" - privilege exec mode, you must assign the user to at least > privilege level 2. > > Regards, > -- > Piotr Kaluzny > CCIE #25665 (Security), CCSP, CCNP > Sr. Support Engineer - IPexpert, Inc. > URL: http://www.IPexpert.com <http://www.ipexpert.com/> > > > On Tue, Jan 17, 2012 at 7:37 PM, Eugene Pefti > <[email protected]<http://us.mc659.mail.yahoo.com/mc/[email protected]> > > wrote: > > Hello guys, > I know that this topic has been discussed many times and it seemed that > everyone made some mental adjustments as to how this RBAC/views should > function. > Still, I'd like to refresh and maybe understand what I miss. > I have this view configured on the router: > > parser view HTTP > secret 5 $1$drws$VUPJ/.OK1lsO8rX/nublC1 > commands configure include all ip http > commands configure include ip > commands exec include configure terminal > commands exec include configure > username HTTP-USER view HTTP password 0 cisco123 > > > When I telnet into this router as HTTP-USER I'm not getting "#" prompt and > I can't run "config t" command > > User Access Verification > > Username: HTTP-USER > Password: > > R2>config t > ^ > % Invalid input detected at '^' marker. > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > > > -----Inline Attachment Follows----- > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
