If you configured a system quarantine administrator account, this account does not appear in the list of standard FortiMail administrator accounts. For more information on the system quarantine administrator account, see “Configuring the system quarantine administrator account and disk quota”. |
GUI item | Description |
Enable | Select it to enable the new account. If disabled, the account will not be able to access FortiMail. |
Administrator | Enter the name for this administrator account. The name can contain numbers (0‑9), uppercase and lowercase letters (A‑Z, a‑z), hyphens ( - ), and underscores ( _ ). Other special characters and spaces are not allowed. |
Domain | Select System for the entire FortiMail unit or the name of a protected domain, such as example.com, to which this administrator account will be assigned. For more information on protected domain assignments, see “About administrator account permissions and domains”. Note: If Domain is a protected domain, the administrator cannot use the CLI, or the basic mode of the web UI. |
Access profile | Select the name of an access profile that determines which functional areas the administrator account may view or affect. Click New to create a new profile or Edit to modify the selected profile. For details, see “Configuring access profiles”. |
Authentication type | Select the local or remote type of authentication that the administrator will use: • Local • RADIUS • PKI • LDAP Note: RADIUS, LDAP and PKI authentication require that you first configure a RADIUS authentication profile, LDAP authentication profile, or PKI user. For more information, see “Configuring authentication profiles” and “Configuring PKI authentication”. |
Password | If you select Local as the authentication type, enter a secure password for this administrator account. The password can contain any character except spaces. This field does not appear if Authentication type is not Local or RADIUS+Local. |
Confirm password | Enter this account’s password again to confirm it. This field does not appear if Authentication type is not Local or RADIUS+Local. |
LDAP profile | If you choose to use LDAP authentication, select an LDAP profile you want to use. |
RADIUS profile | If you choose to use RADIUS or RADIUS + Local authentication, select a RADIUS profile you want to use. |
PKI profile | If you choose to use PKI authentication, select a PKI profile you want to use. |
Trusted hosts | Enter an IPv4 or IPv6 address or subnet from which this administrator can log in. You can add up to 10 trusted hosts. If you want the administrator to access the FortiMail unit from any IP address, use 0.0.0.0/0.0.0.0. Enter the IP address and netmask in dotted decimal format. For example, you might permit the administrator to log in to the FortiMail unit from your private network by typing 192.168.1.0/255.255.255.0. Note: For additional security, restrict all trusted host entries to administrative hosts on your trusted private network. Note: For information on restricting administrative access protocols that can be used by these hosts, see “Editing network interfaces”. |
Language | Select this administrator account’s preference for the display language of the web UI. |
Theme | Select this administrator account’s preference for the display theme or click Use Current to choose the theme currently in effect. The administrator may switch the theme at any time during a session by clicking Next Theme. |