System Admin Admin profiles
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 283
http://docs.fortinet.com/ • Feedback
To add admin profiles for FortiGate administrators, go to System > Admin > Admin Profile.
Each administrator account belongs to an admin profile. An administrator with read/write
access can create admin profiles that deny access to, allow read-only, or allow both read-
and write-access to FortiGate features.
When an administrator has read-only access to a feature, the administrator can access
the web-based manager page for that feature but cannot make changes to the
configuration. There are no Create or Apply buttons and lists display only the View ()
icon instead of icons for Edit, Delete or other modification commands.
Viewing the admin profiles list
You need to use the admin account or an account with Admin Users read/write access to
create or edit admin profiles. To view the admin profiles list, go to System > Admin >
Admin Profile.
Figure 127: Admin profile list
Router Configuration (routegrp) router
execute router
execute mrouter
Spamfilter Configuration (spamgrp) spamfilter
System Configuration (sysgrp) system except accprofile, admin,
arp-table, autoupdate, fortianalyzer,
interface, and zone.
execute date
execute ha
execute ping
execute ping-options
execute ping6
execute time
execute traceroute
execute cfg
execute factoryreset
execute reboot
execute shutdown
execute deploy
execute set-next-reboot
execute ssh
execute telnet
execute disconnect-admin-session
execute usb
VPN Configuration (vpngrp) vpn
execute vpn
Webfilter Configuration (webgrp) webfilter
Table 41: Admin profile control of access to CLI commands (Continued)
Access control Available CLI commands
To Next Page
Loading...
Need help?
General