Table of Contents
Advertisement
System Admin
Viewing the access profiles list
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102
Table 30: Access profile control of access to CLI commands
Spamfilter Configuration (spamgrp)
System Configuration (sysgrp)
VPN Configuration (vpngrp)
Webfilter Configuration (webgrp)
Go to System > Admin > Access Profile to add access profiles for FortiGate
administrators. Each administrator account belongs to an access profile. You can
create access profiles that deny access to, allow read-only, or allow both read-
and write-access to FortiGate features.
When an administrator has read-only access to a feature, the administrator can
access the web-based manager page for that feature but cannot make changes to
the configuration. There are no Create or Apply buttons and lists display only the
View (
) icon instead of icons for Edit, Delete or other modification commands.
Use the admin account or an account with Admin Users read and write access to
create or edit access profiles. Go to System > Admin > Access Profile.
Figure 78: Access profile list
Create New
Add a new access profile.
Profile Name
The name of the access profile.
Delete icon
Select to delete the access profile.
You cannot delete an access profile that has administrators assigned to it.
Edit icon
Select to modify the access profile.
spamfilter
system except accprofile, admin, arp-
table, autoupdate, fortianalyzer,
interface, and zone
execute date
execute ha
execute ping
execute ping-options
execute ping6
execute time
execute traceroute
execute cfg
execute factoryreset
execute reboot
execute shutdown
execute deploy
execute set-next-reboot
execute ssh
execute telnet
execute disconnect-admin-session
execute usb
vpn
execute vpn
webfilter
Access profiles
151
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
