Administrator Guide
Switch Management
This chapter describes the switch management tasks supported on the switch.
Conguring Privilege Levels
Privilege levels restrict access to commands based on user or terminal line.
There are 16 privilege levels, of which three are pre-dened. The default privilege level is 1.
Level Description
Level 0 Access to the system begins at EXEC mode, and EXEC mode commands are limited to enable, disable, and
exit.
Level 1 Access to the system begins at EXEC mode, and all commands are available.
Level 15 Access to the system begins at EXEC Privilege mode, and all commands are available.
For information about how access and authorization is controlled based on a user’s role, see Role-Based Access Control.
Creating a Custom Privilege Level
Custom privilege levels start with the default EXEC mode command set. You can then customize privilege levels 2-14 by:
• restricting access to an EXEC mode command
• moving commands from EXEC Privilege to EXEC mode
• restricting access
A user can access all commands at his privilege level and below.
Removing a Command from EXEC Mode
To remove a command from the list of available commands in EXEC mode for a specic privilege level, use the privilege exec
command from CONFIGURATION mode.
In the command, specify a level greater than the level given to a user or terminal line, then the rst keyword of each command you wish to
restrict.
Moving a Command from EXEC Privilege Mode to EXEC Mode
To move a command from EXEC Privilege to EXEC mode for a privilege level, use the privilege exec command from
CONFIGURATION mode.
In the command, specify the privilege level of the user or terminal line and specify all keywords in the command to which you want to allow
access.
4
Switch Management 57