Delete | Select the check box next to the administrator you want to remove from the list and select Delete. |
Create New | Select to create a new administrator. For more information, see “To create a new administrator account:”. |
User Name | The name this administrator uses to log in. Select the administrator name to edit the administrator settings. |
Type | The type of administrator account, one of: LOCAL, RADIUS, LDAP, TACACS+, or PKI. |
Profile | The administrator profile for this user that determines the privileges of this administrator. The profile can be one of: Restricted_User, Standard_User, Super_User, or a custom defined profile. For information on administrator profiles, see “Profile”. |
Admin Domain | The ADOMs to which the user has access. ADOM access can be to all ADOMs or specific ADOMs which are assigned to the profile. |
Status | Indicates whether the administrator is currently logged into the FortiAnalyzer unit not. A green circle with an up arrow indicates that the administrator is logged in, a red circle with a down arrow indicates that they are not. |
Comments | Descriptive text about the administrator account. |
User Name | Enter the name that this administrator uses to log in. |
Type | Select the type of authentication the administrator will use when logging into the FortiAnalyzer unit. Select one of: LOCAL, RADIUS, LDAP, TACACS+, or PKI. If you select LOCAL, you will need to add a password. |
Subject | If Type is set to PKI, enter a description. |
CA | If Type is set to PKI, select a certificate in the drop-down list. |
Require two-factor authentication | If Type is set to PKI, you can select the checkbox to enforce two-factor authentication. Enter a password and confirm. |
New Password | Enter the password. |
Confirm Password | Enter the password again to confirm it. |
Server | Select the RADIUS, LDAP, or TACACS+ server, as appropriate. This option is only available if Type is not LOCAL or PKI. |
wildcard | Select this option to set the password as a wildcard. This option is only available if Type is not LOCAL or PKI. |
Trusted Host1 Trusted Host2 Trusted Host3 ... | Optionally, enter the trusted host IP address and network mask from which the administrator can log in to the FortiAnalyzer unit. You can specify up to ten trusted hosts in the Web-based Manager or in the CLI. Setting trusted hosts for all of your administrators can enhance the security of your system. For more information, see “Using trusted hosts”. |
Trusted IPv6 Host1 Trusted IPv6 Host2 Trusted IPv6 Host3 ... | Optionally, enter the trusted host IPv6 address from which the administrator can log in to the FortiAnalyzer unit. You can specify up to three trusted IPv6 hosts in the Web-based Manager. You can configure up to ten trusted hosts in the CLI. Setting trusted IPv6 hosts for all of your administrators can enhance the security of your system. For more information, see “Using trusted hosts”. |
Profile | Select a profile from the list. The profile selected determines the administrator’s access to the FortiAnalyzer unit’s features. To create a new profile see “Configuring administrator profiles”. |
Admin Domain | Choose the ADOM this admin will belong to. This field is available only if ADOMs are enabled (see “Administrative Domains”). Select either All ADOMs or Specify. When selecting Specify, select the plus (+) icon to the left of the field to select one or multiple ADOMs. The Super_User profile defaults to All ADOMs access. |
Description | Optionally, enter a description of this administrator’s role, location or reason for their account. This field adds an easy reference for the administrator account. |
The default admin administrator account cannot be deleted. |