Configuring administrator accounts

System Settings : Managing administrators : Configuring administrator accounts

Configuring administrator accounts

Go to System Settings > Admin > Administrator to view the list of administrators and configure administrator accounts. Only the default admin administrator account can see the complete administrators list. If you do not have certain viewing privileges, you will not see the administrator list.

Figure 40: Administrator list

The following information is available:


Delete	Select the check box next to the administrator you want to remove from the list and select Delete.
Create New	Select to create a new administrator. For more information, see “To create a new administrator account:”.
User Name	The name this administrator uses to log in. Select the administrator name to edit the administrator settings.
Profile	The administrator profile for this user that determines the privileges of this administrator. For information on administrator profiles, see “Managing administrator access”.
ADOM	The ADOM to which the administrator has been assigned.
Scope	Global
Status	Indicates whether the administrator is currently logged into the FortiManager unit not. A green circle with an up arrow indicates the administrator is logged in, a red circle with a down arrow indicates the administrator is not logged in.
Comments	Descriptive text about the administrator account.

To create a new administrator account:

1. Go to System Settings > Admin > Administrator and select Create New.

The new administrator dialog box appears.

Figure 41: Creating a new administrator account

2. Configure the following settings:


User Name	Enter the name that this administrator uses to log in. This field is available if you are creating a new administrator account.
Type	Select the type of authentication the administrator will use when logging into the FortiManager unit. If you select LOCAL, you will need to add a password. Otherwise, depending on the type of authentication server selected, you will select the authentication server from a drop-down list.
New Password	Enter the password. This is available if Type is LOCAL.
Confirm Password	Enter the password again to confirm it. This is available if Type is LOCAL.
Trusted Host1 Trusted Host2 Trusted Host3	Optionally, enter the trusted host IP address and netmask from which the administrator can log in to the FortiManager unit. You can specify up to three trusted hosts. Setting trusted hosts for all of your administrators can enhance the security of your system. For more information, see “Using trusted hosts”.
Profile	Select a profile from the list, or select FortiConsole Only. The profile selected determines the administrator’s access to FortiManager unit features. To create a new profile see “Configuring administrator profiles”.
Admin Domain	Choose the ADOM this admin will belong to. This field is available only if ADOMs are enabled.
Description	Optionally, enter a description of this administrator’s role, location or reason for their account. This field adds an easy reference for the administrator account.
User Information (optional)
Contact Email	Enter a contact email address for the new administrator.
Contact Phone	Enter a contact phone number for the new administrator.

3. Select OK to create the new administrator account.

To modify an existing administrator account:

1. Go to System Settings > Admin> Administrator. The list of configured administrators appears; see Figure 40.

2. In the User Name column, double-click on the user name of the administrator you want to change. The Edit Administrator window appears; see Figure 42.

Figure 42: Editing an administrator account

3. Configure the following settings:


User Name	The name that this administrator uses to log in.
Type	The type of authentication the administrator will use when logging into the FortiManager unit. If LOCAL is selected, you will need to add a password. Otherwise, depending on the type of authentication server selected, you will select the authentication server from a drop-down list.
Change Password	Select to change passwords. This is available only if Type is LOCAL.
Old Password	Enter your old password. This is available only if Type is LOCAL.
New Password	Enter the password. This is available only if Type is LOCAL.
Confirm Password	Enter the password again to confirm it. This is available only if Type is LOCAL.
Trusted Host1 Trusted Host2 Trusted Host3	The trusted host IP address and netmask from which the administrator logs in to the FortiManager unit. Up to three trusted hosts can be specified.
Admin Domain	The ADOM this admin belongs to. This field is available only if administrative domains are enabled.
Profile	The profile selected determines the administrator’s access to FortiManager unit features. To create a new profile see “Configuring administrator profiles”.
Description	Optionally, A description of this administrator’s role, location or reason for their account. This field adds an easy reference for the administrator account.
User Information (optional)
Contact Email	A contact email address for the new administrator.
Contact Phone	A contact phone number for the new administrator.

4. Modify the settings as required. For more information about configuring account settings, see “To create a new administrator account:”.

5. Select OK to save your changes.

To delete an existing administrator account:

1. Go to System Settings > Admin > Administrator. The list of configured administrators appears; see Figure 40.

2. Select the check box of the administrator account you want to delete and then select the Delete icon in the toolbar.

3. In the dialog box that appears, select OK to confirm the deletion.