Connectivity Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

791

792

793

794

795

796

797

798

799

800

• mode—Enter the privilege mode where you are conguring the specic command. The following table lists the available privilege

modes and their corresponding command modes:

Privilege mode CLI mode

Exec exec

congure class-map, DHCP, logging, monitor, openow, policy-map, QOS, support-assist, telemetry, CoS, Tmap,

UFD, VLT, VN, VRF, WRED, or alias

interface Ethernet, FC, loopback, mgmt, null, port-group, lag, breakout, range, port-channel, VLAN

route-map route-map

router router-bgp, router-ospf

line line-vty

• priv-lvl—Enter the keyword and then the privilege number, from 2 to 14.

• command-string—Enter the specic command.

You cannot congure a privilege level less than 2 for sysadmin, netadmin, and secadmin roles.

2 Congure an enable password and assign the privilege level to it.

CONFIGURATION

enable password encryption-type password-string priv-lvl privilege-level

Encryption types:

• 0—Species an unencrypted password follows

• sha-256—Species a SHA-256 encrypted password follows

• sha-512—Species a SHA-512 encrypted password follows

priv-lvl—Enter the keyword and then the privilege number. The range is from 1to 15.

OS10(config)# privilege exec priv-lvl 3 "show version"

OS10(config)# enable password 0 P@$$w0Rd priv-lvl 3

OS10(config)# privilege exec priv-lvl 12 "configure terminal"

OS10(config)# privilege configure priv-lvl 12 route-map

OS10(config)# privilege route-map priv-lvl 12 "set local-preference"

OS10(config)# enable password sha-256 $5$2uThib1o$84p.tykjmz/w7j26ymoKBjrb7uepkUB priv-lvl 12

Audit log

To monitor user activity and conguration changes on the switch, enable the audit log. Only the sysadmin and secadmin roles can

enable, view, and clear the audit log.

The audit log records conguration and security events, including:

• User logins and logouts on the switch, failed logins, and concurrent login attempts by a user

• User-based conguration changes recorded with the user ID, date, and time of the change. The specic conguration parameters that

were changed are not logged.

• Establishment of secure trac ows, such as SSH, and violations on secure ows

• Certicate issues, including user access and changes made to certicate installation using crypto commands

• Adding and deleting users

Audit log entries are saved locally and sent to congured Syslog servers. To set up a Syslog server, see System logging.

Enable audit log

• Enable the recording of conguration and security events in the audit log on Syslog servers in CONFIGURATION mode.

logging audit enable

Security

799