Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

801

802

803

804

805

806

807

808

809

810

• If you assign only the first keyword to the privilege level, all commands beginning with that keyword are also assigned to the privilege

level. If you enter the entire command, the software assigns the privilege level to that command only.

To assign commands and passwords to a custom privilege level, use the following commands. You must be in privilege level 15.

1. Assign a user name and password.

CONFIGURATION mode

username name [access-class access-list-name] [privilege level] [nopassword | password

[encryption-type] password]

Configure the optional and required parameters:

•

name: enter a text string (up to 63 characters).

• access-class access-list-name: enter the name of a configured IP ACL.

• privilege level: the range is from 0 to 15.

• nopassword: do not require the user to enter a password.

• encryption-type: enter 0 for plain text or 7 for encrypted text.

• password: enter a string.

2. Configure a password for privilege level.

CONFIGURATION mode

enable password [level level] [encryption-mode] password

Configure the optional and required parameters:

• level level: specify a level from 0 to 15. Level 15 includes all levels.

• encryption-type: enter 0 for plain text or 7 for encrypted text.

• password: enter a string up to 25 characters long.

To change only the password for the enable command, configure only the password parameter.

3. Configure level and commands for a mode or reset a command’s level.

CONFIGURATION mode

privilege mode {level level command | reset command}

Configure the following required and optional parameters:

• mode: enter a keyword for the modes (exec, configure, interface, line, route-map, or router)

• level level: the range is from 0 to 15. Levels 0, 1, and 15 are pre-configured. Levels 2 to 14 are available for custom

configuration.

• command: a CLI keyword (up to five keywords allowed).

• reset: return the command to its default privilege mode.

To view the configuration, use the show running-config command in EXEC Privilege mode.

The following example shows a configuration to allow a user john to view only EXEC mode commands and all snmp-server commands.

Because the snmp-server commands are enable level commands and, by default, found in CONFIGURATION mode, also assign the

launch command for CONFIGURATION mode, configure, to the same privilege level as the snmp-server commands.

Line 1: The user john is assigned privilege level 8 and assigned a password.

Line 2: All other users are assigned a password to access privilege level 8.

Line 3: The configure command is assigned to privilege level 8 because it needs to reach CONFIGURATION mode where the snmp-

server commands are located.

Line 4: The snmp-server commands, in CONFIGURATION mode, are assigned to privilege level 8.

Dell(conf)#username john privilege 8 password john

Dell(conf)#enable password level 8 notjohn

Dell(conf)#privilege exec level 8 configure

Dell(conf)#privilege config level 8 snmp-server

Dell(conf)#end

Dell#show running-config

Current Configuration ...

hostname Force10

enable password level 8 notjohn

enable password Force10

Security

807