- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: Disable Display Current-Configuration.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-07-2021 01:51 AM
тАО06-07-2021 01:51 AM
Good morning, I need to create a read-only user who also can't run the display current-configuration command
How can I do it?
Thank you.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-07-2021 04:06 AM
тАО06-07-2021 04:06 AM
SolutionHello,
How users are authenitcated, local or via ladius?
You have to set user privilege level 0.
Please refer below link for your reference:
https://support.hpe.com/hpesc/public/docDisplay?docId=c03538018&docLocale=en_US
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-07-2021 04:26 AM
тАО06-07-2021 04:26 AM
Re: Disable Display Current-Configuration.
Thank you for the answer akg7
I created a local user
If I add the level-0 role, the current-configuration display does not work, but neither does the rest of the displays.
I want it to work all display commands except current-configuration and save-configuration.
[HP_5510_Cores]display ?
Permission denied.
[HP_5510_Cores]command-privilege
^
% Unrecognized command found at '^' position.
command-privilege does not recognize me as a valid command.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-07-2021 04:47 AM
тАО06-07-2021 04:47 AM
Re: Disable Display Current-Configuration.
I created the user Peter, and I assign him the user-role level-1
local-user Peter class manage
service-type ssh
authorization-attribute user-role level-1
Then in the role name level-1 I add the following lines to deny the display current and save commands
role name level-1
description Predefined level-1 role
rule 1 deny command display current-configuration
rule 2 deny command display save-configuration
I enter with the user Peter, I run the display current-configuration command and it allows me.
I don't understand anything.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-07-2021 05:04 AM
тАО06-07-2021 05:04 AM
Re: Disable Display Current-Configuration.
It already works for me, with the settings of the previous post.
It must be that I did not save changes or had not logout with user Peter and then login again.
Thank you very much for the help.
Greetings