Override administrator attributes from profiles
FortiManager administrator accounts can be configured to use the RPC Permit (JSON API Access) and Trusted Hosts attributes that are defined by an administrator profile.
When an administrator has been configured to use the attributes from the profile, the attributes can no longer be changed by editing the administrator account.
This feature can only be configured from the FortiManager CLI.
For more information, see the FortiManager CLI Reference Guide on the Fortinet Document Library.
To use RPC Permit and Trusted Host administrator attributes from a profile:
- Go to System Settings > Administrators, and create or edit an admin user.
- In Admin Profile dropdown, select an administrator profile, and click OK.
- Configure the settings for the
rpc-permit
and/ortrusthost1
attributes in the admin profile.
Enter the following commands in the FortiManager CLI:config system admin profile
edit <profile name>
set rpc-permit {none | read | read-write}
set trusthost1 <ip & netmask>
end
- Configure the admin user to use the
from-profile
option for therpc-permit
and/ortrusthost1
attributes.
Enter the following commands in the FortiManager CLI:config system admin user
edit <admin user>
set rpc-permit from-profile
set trusthost1 from-profile
end
- In the FortiManager GUI, go to System Settings > Administrators and view the administrator account. The attributes that were configured to use the
from-profile
setting can no longer be edited and display the settings defined in the administrator profile.