Table of Contents
Advertisement
Administrative Domains (ADOMs)
FortiAnalyzer Version 3.0 MR7 Administration Guide
05-30007-0082-20080908
•
If ADOMs are enabled and you log in as any other administrator, you enter the
ADOM assigned to your account. A subset of the typical menus or CLI
commands appear, allowing access only to only logs, reports, quarantine files,
content archives, IP aliases, and LDAP queries specific to your ADOM. You
cannot access Global Configuration, or enter other ADOMs.
By default, administrator accounts other than the admin account are assigned
to the root ADOM, which includes all devices in the device list. By creating
ADOMs that contain a subset of devices in the device list, and assigning them
to administrator accounts, you can restrict other administrator accounts to a
subset of the FortiAnalyzer unit's total devices or VDOMs.
The admin administrator account cannot be restricted to an ADOM. Other
administrators are restricted to their ADOM, and cannot configure ADOMs or
Global Configuration.
The maximum number of ADOMs varies by FortiAnalyzer model.
FortiAnalyzer Model
FortiAnalyzer-400
FortiAnalyzer-800/800B
FortiAnalyzer-2000/2000A
FortiAnalyzer-4000/4000A
Note: ADOMs are not available on the FortiAnalyzer-100 or FortiAnalyzer-100A/100B.
The admin administrator can further restrict other administrators' access to specific
configuration areas within their ADOM by using access profiles. For more information, see
"Access Profile" on page 50
About administrative domains (ADOMs)
Number of Administrative Domains
10
50
100
250
21
Advertisement
Table of Contents
