System Admin Access profiles
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 151
Go to System > Admin > Access Profile to add access profiles for FortiGate
administrators. Each administrator account belongs to an access profile. You can
create access profiles that deny access to, allow read-only, or allow both read-
and write-access to FortiGate features.
When an administrator has read-only access to a feature, the administrator can
access the web-based manager page for that feature but cannot make changes to
the configuration. There are no Create or Apply buttons and lists display only the
View ( ) icon instead of icons for Edit, Delete or other modification commands.
Viewing the access profiles list
Use the admin account or an account with Admin Users read and write access to
create or edit access profiles. Go to System > Admin > Access Profile.
Figure 78: Access profile list
Spamfilter Configuration (spamgrp) spamfilter
System Configuration (sysgrp) system except accprofile, admin, arp-
table, autoupdate, fortianalyzer,
interface, and zone
execute date
execute ha
execute ping
execute ping-options
execute ping6
execute time
execute traceroute
execute cfg
execute factoryreset
execute reboot
execute shutdown
execute deploy
execute set-next-reboot
execute ssh
execute telnet
execute disconnect-admin-session
execute usb
VPN Configuration (vpngrp) vpn
execute vpn
Webfilter Configuration (webgrp) webfilter
Table 30: Access profile control of access to CLI commands
Create New Add a new access profile.
Profile Name The name of the access profile.
Delete icon Select to delete the access profile.
You cannot delete an access profile that has administrators assigned to it.
Edit icon Select to modify the access profile.
To Next Page
Loading...
Need help?
General