Symptom

Default admin privileges are set to 15 in the Admin VDC and stay for a few days in all member VDCs then revert to a value of -1. This hampers automation scripts that require admin privileges. Admin_vdc# show privilege User name: admin Current privilege level: 15 Feature privilege: Enabled Vdc_1# show priv User name: user1 Current privilege level: -1 Feature privilege: Enabled Vdc_2# show privi User name: user2 Current privilege level: -1 Feature privilege: Enabled Vdc_3# show privi User name: user3 Current privilege level: -1 Feature privilege: Enabled Vdc_4# show priv User name: user4 Current privilege level: -1 Feature privilege: Enabled Vdc_5# show priv User name: user5 Current privilege level: -1 Feature privilege: Enabled Vdc_6# show priv User name: user6 Current privilege level: -1 Feature privilege: Enabled

Conditions

This happens after a few days. Manually setting with the following did not work either: To give privilege level of 15 to admin user, below configuration needs to be done N5K(config)# username admin role priv-15 Sign out and log back in with admin user credentials N5K# show privilege User name: cisco Current privilege level: 15 Feature privilege: Enabled Please note this changes does not affect the actual privilege of the network-admin user This is just workaround to see the highest level for admin user.

Workaround

Logging out of the member VDCs and then logging back into the Admin VDC sets the member VDCs privilege level back to 15.

Further Problem Description