| 12.2 | Configuring AAA | ||
| 12.2.9 | Configuring command authorization |
|
You can configure precisely which
commands belong to which privilege levels, including levels that you
define. The commands shown in Figure You can use the aaa authorization command to grant access to commands by privilege level, as shown in FigureThe user who logs in with level 7 privileges can ping and do snmp-server configuration in configuration mode. Other configuration commands are not available.A user's privilege level can be determined by the security server or the local username/password database. To configure a local user for a specific privilege, use the following command:
The following example shows the command you use to create a user named flannery with a privilege level of 7:
When this user logs in, she will only have access to commands in privilege level 7 and below.
|