SUMMARY STEPS
1. configure terminal
2. [no] feature privilege
3. [no] enable secret [0 | 5] password [priv-lvl priv-lvl | all]
4. [no] username username priv-lvl n
5. (Optional) show privilege
6. (Optional) copy running-config startup-config
7. exit
8. enable level
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Enables or disables the cumulative privilege of roles. Users
can see the enable command only if this feature is enabled.
The default is disabled.
[no] feature privilege
Example:
switch(config)# feature privilege
Step 2
Enables or disables a secret password for a specific privilege
level. Users are prompted to enter the correct password
upon each privilege level escalation. The default is disabled.
[no] enable secret [0 | 5] password [priv-lvl priv-lvl | all]
Example:
switch(config)# enable secret 5 def456 priv-lvl 15
Step 3
You can enter 0 to specify that the password is in clear text
or 5 to specify that the password is in encrypted format.
The password argument can be up to 64 alphanumeric
characters. The priv-lvl argument is from 1 to 15.
To enable the secret password, you must have
enabled the cumulative privilege of roles by
entering the feature privilege command.
Note
Enables or disables a user to use privilege levels for
authorization. The default is disabled.
[no] username username priv-lvl n
Example:
Step 4
The priv-lvl keyword specifies the privilege level to which
the user is assigned. There is no default privilege level.
switch(config)# username user2 priv-lvl 15
Privilege levels 0 to 15 (priv-lvl 0 to priv-lvl 15) map to
user roles priv-0 to priv-15.
Displays the username, current privilege level, and status
of cumulative privilege support.
(Optional) show privilege
Example:
Step 5
switch(config)# show privilege
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 6
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
95
Configuring TACACS+
Configuring Privilege Level Support for Authorization on TACACS+ Servers
To Next Page
Loading...
