I have a user/password set up and set to level 5 under user accounts.
When I log it it seems it has level 15 access.
I see posting where they show to go into AAA Access, Authorization, enable -Set ASDM Defined User Roles
My main concern is affecting my LOCAL "admin" account and not have rights to correct it after this wizard runs.
(Aside from not committing to starup-config)
My authentication is LOCAL only with an admin account named admin. The Set ASDM Defined roles specifically says it will setup user profiles one being named admin.
Would this wipe my existing admin account and password?
Maybe I should clone another admin account with a different username.
I basically do not want an automated setup to wipe out my predefined profiles/passwords.
The level 5 user just needs to be able to run show commands, and in the ASDM see the hourly stats (top 10) and traffic overview.
Or is there a list of CLI commands I could apply to set this user level 5 up without letting the ASA apply multiple changes.
I do not have physical access to this ASA. (EU)
privilege show level 3 mode exec command logging
privilege show level 3 mode exec command blocks
and can now load the asdm level 3.
Now I just need the commands to show the dashboard interface stats, top 10 etc...