Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 3.2.1
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    Home FortiAIOps 3.2.1 User Guide
    3.2.1
    3.2.1
    3.2.0
    3.0.0
    2.1.0
    2.0.1
    2.0.0

    Users

    Users

    The FortiAIOps allows administrators to create users, who will subsequently be available in the FortiAIOps application.

    User profiles within FortiAIOps are consistent across both the Command Line Interface (CLI) and the Graphical User Interface (GUI). Users can use the same password for both CLI and GUI access.

    Note:

    • GUI usernames must begin with a lowercase letter or an underscore (_) and can include special characters like hyphens (-) or underscores (_), along with along with alphanumeric characters (a-z, A-Z, 0-9).

    • After upgrading to version 3.0.0, GUI user names starting with a capital letter will be marked as invalid, preventing CLI synchronization.

    • If a user that exists in both CLI and GUI have different passwords, they will retain their respective passwords even after the upgrade.

    • Upon upgrading to release 3.0.0, all pre-existing user configurations will be automatically synchronized between the CLI and GUI.

    User permissions are indirectly assigned through their membership in user groups. By default, all users are members of the Default user group. The admin user and all ADOMs are automatically members of the Super User user group, and cannot be moved to any other user group. All users must belong to at least one user group. It is recommended to assign both the ADOM and users to the user group upon its creation to ensure that users have access to the assigned ADOM. If a user is removed from a user group, they will be moved to the Default user group.

    Note: User Management configuration can only be performed by users with the System Administrator and Super User roles.

    Adding a New User

    Perform the following steps to add a new user:

    1. Click +Add User.

    2. Enter the user information such as Full Name, and Username.

    3. In the Type field, select the type of server. Choose between LOCAL, RADIUS, LDAP, Microsoft Active Directory, SAML SSO, or Microsoft ADFS SAML IDP.

    4. Select the server from the Server drop-down menu.
      Note: If the Type selected is LOCAL, enter a password in the Password field and confirm the same in the Confirm Password field.

    5. Enable Match all users on remote server to add all users from an remote server. All users specified in the remote server will be able to access FortiAIOps with the selected Admin Profile.

      Note: This option is not available for User Type LOCAL.

    6. Specify the role. FortiAIOps supports Guest, Standard_User and Super_User roles.

      User Role Access Level
      Guest Read only access to all features in the system except system settings.
      Standard_User Read/Write privilege to all configurations and features except system settings .
      Super_User/ System Administrator Read/Write access across system. All super users will have access to all ADOMs, all devices, all system settings.

    7. Click Save.

    Notes:

    • Once you have created users in FortiAIOps, it is necessary to refresh the FortiAIOps application portal in order for the users list to be updated and displayed in the User Groups page.

    • The super user or system administrator can provide ADOM access to a user by choosing the ADOM and the users in the user group option in FortiAIOps application portal. See User Groups.

    • Users created in GUI will be synced to CLI and vice versa.

    • By default, user created in CLI will have super-user access, and can be changed from GUI.

    Editing User Information

    Select a user and click Edit to modify user information. This includes changing the user's full name, role or password.

    Deleting User Information

    To delete a user, select the user and click Delete. This action will remove the user from both the GUI and CLI.

    Previous
    Next

    Users

    Users

    The FortiAIOps allows administrators to create users, who will subsequently be available in the FortiAIOps application.

    User profiles within FortiAIOps are consistent across both the Command Line Interface (CLI) and the Graphical User Interface (GUI). Users can use the same password for both CLI and GUI access.

    Note:

    • GUI usernames must begin with a lowercase letter or an underscore (_) and can include special characters like hyphens (-) or underscores (_), along with along with alphanumeric characters (a-z, A-Z, 0-9).

    • After upgrading to version 3.0.0, GUI user names starting with a capital letter will be marked as invalid, preventing CLI synchronization.

    • If a user that exists in both CLI and GUI have different passwords, they will retain their respective passwords even after the upgrade.

    • Upon upgrading to release 3.0.0, all pre-existing user configurations will be automatically synchronized between the CLI and GUI.

    User permissions are indirectly assigned through their membership in user groups. By default, all users are members of the Default user group. The admin user and all ADOMs are automatically members of the Super User user group, and cannot be moved to any other user group. All users must belong to at least one user group. It is recommended to assign both the ADOM and users to the user group upon its creation to ensure that users have access to the assigned ADOM. If a user is removed from a user group, they will be moved to the Default user group.

    Note: User Management configuration can only be performed by users with the System Administrator and Super User roles.

    Adding a New User

    Perform the following steps to add a new user:

    1. Click +Add User.

    2. Enter the user information such as Full Name, and Username.

    3. In the Type field, select the type of server. Choose between LOCAL, RADIUS, LDAP, Microsoft Active Directory, SAML SSO, or Microsoft ADFS SAML IDP.

    4. Select the server from the Server drop-down menu.
      Note: If the Type selected is LOCAL, enter a password in the Password field and confirm the same in the Confirm Password field.

    5. Enable Match all users on remote server to add all users from an remote server. All users specified in the remote server will be able to access FortiAIOps with the selected Admin Profile.

      Note: This option is not available for User Type LOCAL.

    6. Specify the role. FortiAIOps supports Guest, Standard_User and Super_User roles.

      User Role Access Level
      Guest Read only access to all features in the system except system settings.
      Standard_User Read/Write privilege to all configurations and features except system settings .
      Super_User/ System Administrator Read/Write access across system. All super users will have access to all ADOMs, all devices, all system settings.

    7. Click Save.

    Notes:

    • Once you have created users in FortiAIOps, it is necessary to refresh the FortiAIOps application portal in order for the users list to be updated and displayed in the User Groups page.

    • The super user or system administrator can provide ADOM access to a user by choosing the ADOM and the users in the user group option in FortiAIOps application portal. See User Groups.

    • Users created in GUI will be synced to CLI and vice versa.

    • By default, user created in CLI will have super-user access, and can be changed from GUI.

    Editing User Information

    Select a user and click Edit to modify user information. This includes changing the user's full name, role or password.

    Deleting User Information

    To delete a user, select the user and click Delete. This action will remove the user from both the GUI and CLI.

    Previous
    Next