AAA - Restricted interface

About

If the user does not have administrator privileges the number of available commands are restricted.

Example

Below is presented a list of commands available to a built-in user having a guest role.

hostname:/#> whoami
gertrude (guest)
hostname:/#> help
show alarm [log]    Alarm status, or show alarm log
show arp            Show CPU ARP cache
clear               Clear screen.
show dhcp-clients   Show active DHCP clients. ...
show sensor         Display environment status: temperature, power, digital in and SFP ...
show fdb            Forwarding database (ATU/MAC)
ip <igmp|ospf|..>   System IP mode commands
show iface [..]     Interface overview
show lldp           LLDP/CDP neighbours
port [..]           Manage or show port status. ...
ptp                 System PTP commands.
rmon                Enter RMON mode
show spanning-tree  Status of Spanning Tree (RSTP). ...
show vlan [vid]     IEEE 802.1Q VLAN
date [..]           System date & time ...
logout              Logout, or quit the CLI.
system-information  Show system information
uptime              Display system uptime
version             Show currently running firmware build details
watchdog            Show watchdog status, raw
whoami              Show user ID.
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/#>

Similarly this is a list of commands available to a built-in user having an operator role.

hostname:/#> whoami
oswald (operator)
hostname:/#> help
show aggregates     Status of aggregated ports
show alarm [log]    Alarm status, or show alarm log
show arp            Show CPU ARP cache
clear               Clear screen.
show dhcp-clients   Show active DHCP clients. ...
show sensor         Display environment status: temperature, power, digital in and SFP ...
show fdb            Forwarding database (ATU/MAC)
show partitions     Show partition table
show history        Show command history
ip <igmp|ospf|..>   System IP mode commands
show iface [..]     Interface overview
show lldp           LLDP/CDP neighbours
show monitor [ID]   Port Monitor Overview
port [..]           Manage or show port status. ...
ptp                 System PTP commands.
rmon                Enter RMON mode
show spanning-tree  Status of Spanning Tree (RSTP). ...
show vlan [vid]     IEEE 802.1Q VLAN
ipcalc <..>         An IP subnet calculator ...
ping <..>           Ping a network host or group. ...
show logfile [FILE] Show contents of a log file ... 
nslookup <..>       Query the nameserver for the IP address of the given HOST optionally using  ...
media [..]          Media related operations. ...
date [..]           System date & time ...
logout              Logout, or quit the CLI.
show memory         Display memory usage
show processes      Display running processes
system-information  Show system information
uptime              Display system uptime
version             Show currently running firmware build details
watchdog            Show watchdog status, raw
whoami              Show user ID.
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/#>

Similarly this is a list of commands available to a built-in user having an auditor role.

hostname:/$> id
uid=510(bob) gid=510(bob) groups=104(w-auditor),510(bob)
hostname:/$> help
audit       System audit commands
id          List Unix user id and group id(s).
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/$> audit
hostname:/audit/$> help
list [..]          List the audit Categories and EventIDs that exist in the ...
raw-category [..]  Show the audit log file by category.
raw                Show the audit log file.
show               Show the audit ring buffer.
status             Show the audit ring buffer status.
last NUMBER        Show the audit ring buffer last [N] entries.
range [START] NUM  Show the audit ring buffer in range [[START] NUM] entries.
time [..]          Show the audit ring buffer in time range [[YYYY-MM[-DD]] [hh:mm[:ss]]] [[YY ...
from [..]          Show the audit ring buffer from time [[YYYY-MM[-DD]] ...
to [..]            Show the audit ring buffer to time [[YYYY-MM[-DD]] ...
search [..]        Show the audit ring buffer entries containing [STRING]. ...
category CATEGORY  Show the audit ring buffer entries from category [CATEGORY].
______________________________________________________________________________
See "help all" or "help COMMAND" for more online help.
hostname:/audit/$>