[c-nsp] local privilege level question

Greg Whynott Greg.Whynott at oicr.on.ca
Wed Jan 12 10:18:55 EST 2011


thanks Daniele,  thats it!
take care,
greg

On Jan 11, 2011, at 5:41 PM, Daniele Orlandi wrote:

> On Tuesday 11 January 2011 21:58:10 Greg Whynott wrote:
>> hello,
>>
>> on an ASR1004 we have local accounts where the privilege level is set to
>> 15.   when I type 'en' it still asks for the enable password.   is there
>> away to prevent this behavior so that persons with local accounts/15 priv
>> can execute level 15 commands without being prompted?
>>
>> we are not using any external sources for authentication,  its all local.
>
> Hi Greg,
>
> Try enabling "aaa authorization exec default local none" because the privilege
> is assigned in authorization phase.
>
> Ciao,
>
> --
>  Daniele "Vihai" Orlandi
>  Bieco Illuminista #184213
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


--

This message and any attachments may contain confidential and/or privileged information for the sole use of the intended recipient. Any review or distribution by anyone other than the person for whom it was originally intended is strictly prohibited. If you have received this message in error, please contact the sender and delete all copies. Opinions, conclusions or other information contained in this message may not be that of the organization.



More information about the cisco-nsp mailing list