This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Read only account unable to 'show lldp neighbours'

Read only account unable to 'show lldp neighbours'

Jon_P
New Contributor III

Tuesday

Hi,

Users connecting to our VOSS devices using a read-only account are unable to use any of the 'show lldp' commands.

My questions are:
Is this intentional, or a bug?

Is there any change I can make that will result in the read-only users being able to use these commands?

(This is on 5520-24x and VSP-7400s running 9.0.2.0.)

0 Kudos
1 REPLY 1

reyna789
Visitor

5 hours ago

@Jon_P wrote:

Hi,

Users connecting to our VOSS devices using a read-only account are unable to use any of the 'show lldp' commands.

My questions are:
Is this intentional, or a bug?

Is there any change I can make that will result in the read-only users being able to use these commands?

(This is on 5520-24x and VSP-7400s running 9.0.2.0.)

Read-only users on VOSS devices typically can't use show lldp commands for security reasons. The best solution is to use Role-Based Access Control (RBAC) if available to grant specific show lldp access without broader permissions. Command authorization is a less ideal alternative. Creating scripts/aliases is discouraged due to security risks. TACACS+/RADIUS offers centralized control but is more complex. Always follow the principle of least privilege and audit access to sensitive commands.

0 Kudos
GTM-P2G8KFN