Adding administrators
| The name of the administrator should not contain the characters <>()#"'. Using these characters in the administrator account name can result in a cross site scripting (XSS) vulnerability. |
Only the default ”admin” account or an administrator with read-write access control to add new administrator accounts and control their permission levels can create a new administrator account. If you log in with an administrator account that does not have the super_admin admin profile, the administrators list will show only the administrators for the current virtual domain.
When adding administrators, you are setting up the administrator’s user account. An administrator account comprises of an administrator’s basic settings as well as their access profile. The access profile is a definition of what the administrator is capable of viewing and editing.
To add an administrator - web-based manager
1. Go to System > Admin > Administrators.
2. Select Create New.
3. Enter the administrator name.
4. Select the type of account it will be. If you select Remote, the FortiGate unit can reference a RADIUS, LDAP or TACAS+ server.
5. When selecting Remote or PKI accounts, select the User Group the account will access.
For information on logging in using remote authentication servers, see the
User Authentication Guide. For an example of setting up a user with LDAP, see
“LDAP Admin Access and Authorization”6. Enter the password for the user.
This may be a temporary password that the administrator can change later. Passwords can be up to 256 characters in length. For more information on passwords, see
“Passwords”.
7. Select OK.
To add an administrator - CLI
config system admin
edit <admin_name>
set password <password>
set accprofile <profile_name>
end
See Also