10-18-2012 05:40 AM
We are trying to meet our security recomendations and create roles for scripts that don't need to have super user privs
We created a user with network-operations rights so they could aaa delete users, however we wanted to re-use that user to read show alarms in the system, however it seems that the network-operations role can't run that command
(Controller) #show alarms
You do not have permission to execute this show command show alarms
However if I make a user as read-only they can issue that command but not a aaa delete.
Is there a listing of the rights each of the roles has?
network-operations - Network operator role
read-only - Read only role