System Admin Administrators
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 267
http://docs.fortinet.com/ • Feedback
System Admin
This section describes how to configure administrator accounts on your FortiGate unit.
Administrators access the FortiGate unit to configure its operation. The factory default
configuration has one administrator, admin. After connecting to the web-based manager
or the CLI, you can configure additional administrators with various levels of access to
different parts of the FortiGate unit configuration.
If you enable virtual domains (VDOMs) on the FortiGate unit, system administrators are
configured globally for the entire FortiGate unit. For details, see “Using virtual domains” on
page 159.
This section describes:
• Administrators
• Admin profiles
• Central Management
• Settings
• Monitoring administrators
• FortiGate IPv6 support
• Customizable web-based manager
Administrators
There are two levels of administrator accounts:
Note: Always end your FortiGate session by logging out, in the CLI or the web-based
manager. If you do not, the session remains open.
Regular
administrators
An administrator with any admin profile other than super_admin. A regular
administrator account has access to configuration options as determined by its
Admin Profile. If virtual domains are enabled, the regular administrator is
assigned to one VDOM and cannot access global configuration options or the
configuration for any other VDOM. For information about which options are global
and which are per VDOM, see “VDOM configuration settings” on page 160 and
“Global configuration settings” on page 163.
System
administrators
Includes the factory default system administrator admin, any other administrators
assigned to the super_admin profile, and any administrator that is assigned to the
super_admin_readonly profile. Any administrator assigned to the super_admin
admin profile, including the default administrator account admin, has full access
to the FortiGate unit configuration and general system settings that includes the
ability to:
• enable VDOM configuration
•create VDOMs
• configure VDOMs
• assign regular administrators to VDOMs
• configure global options
• customize the FortiGate web-based manager.
The super_admin admin profile cannot be changed; it does not appear in the list
of profiles in System > Admin > Admin Profile, but it is one of the selections in the
Admin Profile drop-down list in System > Admin New/Edit Administrator dialog
box.
To Next Page
Loading...
Need help?
General