How do I configure the web user level

61

Run the local-user user-name privilege level level command in the AAA view to set the web user level.




  • If the user level is 1, the user is a common administrator and can only access Device Information and change the password in User Management.
  • If the user level is 2, the user is an enterprise administrator and has most operating rights in the web system.
  • If the user level is 3 to 15, the user is a super administrator and has all operating rights in the web system.
You are advised to set level to 3 or higher.

Other related questions:
How do I configure the administrator level on an AR
If non-authentication is used, the administrator level is specified by using the user privilege level command in the VTY interface view. If local authentication is used, the administrator level can be configured in the following ways that are in descending order of priority: 1. Running the local-user privilege level command to configure the local user level 2. Running the admin-user privilege level command to configure the administrator level in a domain 3. Running the user privilege level command to configure the user level in the VTY interface view If remote authentication is used, the administrator level can be configured in the following ways that are in descending order of priority: 1. Using the user level sent by an authentication server to the AR after authentication has succeeded 2. Running the admin-user privilege level command to configure the administrator level in a domain 3. Running the user privilege level command to configure user level in the VTY interface view

How do I configure a multi-level VU
1. Log in to the web management system of the U1900 series unified gateways as the administrator. 2. Choose System > VU Management > Customized automatic switchboard configuration. 3. Click Create. 4. Click OK. A message indicating the configuration success is displayed. For more details, please refer to the U1900 series unified gateways product documentation.

How to configure a user level on an AR router
Methods of configuring user levels vary with specific scenarios (command lines):
- Configure a user level for a user.
[Huawei] aaa
[Huawei-aaa] local-user user1 privilege level 15  //Set the user level of user 1 to 15.  
-  Configure a user level for all users under a domain.
[Huawei] aaa
[Huawei-aaa] service-scheme sch1
[Huawei-aaa-service-sch1] admin-user privilege level 15  //Set the user level of all users under a domain to 15.  
-  Configure a user level for all users who log in through a page (take the VTY view as an example).
[Huawei] user-interface maximum-vty 15
[Huawei] user-interface vty 0 14
[Huawei-ui-vty0-14] user privilege level 15  //Set the user level in the VTY 0 to VTY 14 views to 15.
The preceding command is used to modify a user level as well. This command overwrites preceding operation results. Therefore, if this command is run multiple times, the last-time operation prevails.
If the user level configured on a page conflicts with the corresponding operation permission of a user, the operation permission prevails.

Configure a user level in web mode.
1.  Choose User Management > User Management.
2.  Click an icon of a desired local user from the user list.
3.  Enter corresponding content.
  a.  The super administrator enters Access level in order to modify the access level of other users.
  b.  To change Access level from the common user to the administrator (common administrator, enterprise administrator, or super administrator), enter New password and confirm Confirm password.

How do I define the command level

The administrator can run the command-privilege level level view view-name command-key command to set the command level in a specified view. This configuration enables a lower-level user to use some high-level commands, or raises the command level to improve device security.

NOTICE:

It is recommended that you do not change the default command level without the guidance of professionals. Otherwise, it may result in inconvenience for operation and maintenance and bring about security problems.

<Huawei> system-view
[Huawei] command-privilege level 5 view user save

Description of user levels on AR routers
User levels on AR routers are as follows: You can configure different user levels to control access rights of different users and improve device security. There are 16 user levels numbered from 0 to 15, in ascending order of priority. Visit level-0: It is used for network diagnosis, access to the external device, such as ping, tracert, and Telnet. Monitoring level-1: It is used for system maintenance, including display commands and other commands. Some display commands are unavailable at this level. For example, the display current-configuration and display saved-configuration commands are level-3 management commands. Configuration level-2: Service configuration commands. Management level-3 to 15: They are used to control basic system operations, including system file, FTP/TFTP download, user management, command level setting, and debugging commands. User levels correspond to the command levels. Users can use only the commands at the same or lower level than their own levels. By default, users logging in from the console port can run level 15 commands. By default, the user level of other login modes is 0 (visit level), that is, after the user logs in to a device, the user can only run the commands at level 0, including ping, tracert, and other commands for network diagnosis.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top