< Home

user privilege

Function

The user privilege command configures a user level.

The undo user privilege command restores the default user level.

By default, users who log in to a device using the console interface are at level 15, and other users are at level 0.

Format

user privilege level level

undo user privilege level

Parameters

Parameter Description Value
level level Specifies a user level.
NOTE:

A larger value indicates a higher priority.

The value is an integer ranging from 0 to 15.

Views

User interface view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To limit users' access permissions to a device, the device manages users by level. Users of a specified level can run only commands whose levels are lower than or equal to the user level.

Commands are classified into the visit level, monitoring level, configuration level, and management level that map levels 0, 1, 2, and 3, respectively. Table 1 describes these command levels.

Table 1 Command levels

User Level

Command Level

Permission

Description

0

0

Visit

Diagnostic commands, such as ping and tracert commands, and commands that are used to access a remote device such as a Telnet client

1

0 and 1

Monitoring

System maintenance commands, such as display commands

NOTE:

Some display commands are not at this level. For example, the display current-configuration and display saved-configuration commands are at level 3.

2

0, 1, and 2

Configuration

Service configuration commands

3-15

0, 1, 2, and 3

Management

System basic operation commands that are used to support services, including file system, FTP, TFTP, user management commands, command-level configuration commands, and debugging commands.

Precautions

If refined permission management is required, run the command-privilege level command to upgrade command levels.

Example

# Set the user level on the VTY0 user interface to 2.

<HUAWEI> system-view
[HUAWEI] user-interface vty 0
[HUAWEI-ui-vty0] user privilege level 2

# Log in to the device using Telnet and view detailed information about the VTY0 user interface.

<HUAWEI> display user-interface vty 0
  Idx  Type     Tx/Rx      Modem Privi ActualPrivi Auth  Int     
+ 34    VTY 0               -     2     15           N     -       
  +    : Current UI is active.
  F    : Current UI is active and work in async mode.
  Idx  : Absolute index of UIs.
  Type : Type and relative index of UIs.
  Privi: The privilege of UIs.
  ActualPrivi: The actual privilege of user-interface.
  Auth : The authentication mode of UIs.
      A: Authenticate use AAA.
      N: Current UI need not authentication.
      P: Authenticate use current UI's password.
  Int  : The physical location of UIs.
Table 2 Description of the user privilege level command output.

Item

Description

+

Current user interface is active.

F

Current user interface is active and is working in asynchronous mode.

Idx

Absolute index of the user interface.

Type

Type and relative index of the user interface.

Privi

Privilege of the user interface.

ActualPrivi

Actual privilege of the user interface.

Auth

Authentication mode of the user interface.

Int

Physical location of UIs.

A

AAA authentication.

N

None authentication

P

Password authentication
Parent Topic: UI Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >