Rene,
Great lesson however, I have question. During my test I created a user with level 2 privilege and I want user to only use the following commands.
“sh ip interface brief” and “configure terminal”
But when I was configuring I configured only " sh ip interface brief" and configure terminal. After that when I did show run I found extra lines in the configs which includes
“show IP” and “show”. I was able to block only “show run” and rest of the commands are available e.g sh ip arp etc.
In my opinion I should be able to see only " configure terminal and show ip interface brief. Question why I am seeing the rest of the commands they should be restricted.
privilege exec level 2 configure terminal
privilege exec level 2 configure
privilege exec level 2 show ip interface brief
privilege exec level 2 show ip interface
privilege exec level 2 show ip
privilege exec level 2 show
Please confirm this.
Thanks
Hamood