View NACM ConfigurationΒΆ
The current NACM configuration can be viewed with the show nacm
command:
tnsr# show nacm
NACM
====
NACM Enable: true
Default Read policy : deny
Default Write policy: deny
Default Exec policy : deny
Group: admin
-----------
root
tnsr
Rule List: admin-rules
----------------------
Groups:
admin
Name Action Op Module Type
----------- ------ -- ------ ----
permit-all permit * *
This may be narrowed down to only show part of the configuration.
To view all groups:
tnsr# show nacm group
NACM
====
Group: admin
-----------
root
tnsr
Group: readonly
-----------
olly
reed
To view a specific group, use show nacm group <group-name>
:
tnsr# show nacm group admin
NACM
====
Group: admin
-----------
root
tnsr
To view all rule lists:
tnsr# show nacm rule-list
NACM
====
Rule List: admin-rules
----------------------
Groups:
admin
Name Action Op Module Type
----------- ------ ---- ------ ----
permit-all permit * *
Rule List: ro-rules
----------------------
Groups:
Name Action Op Module Type
----------- ------ ---- ------ ----
ro permit exec *
read deny * *
To view a specific rule list, use show nacm rule-list <list-name>
:
tnsr# show nacm rule-list admin-rules
NACM
====
Rule List: admin-rules
----------------------
Groups:
admin
Name Action Op Module Type
----------- ------ -- ------ ----
permit-all permit * *