Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • EMS Administration Guide

    Home FortiClient 6.2.4 EMS Administration Guide
    6.2.4
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.9
    6.4.8
    6.4.7
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.8
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0

    Admin role permissions reference

    Admin role permissions reference

    The following tables list the permissions available when configuring an admin role. The tables also include a description of what the permission allows the user to do and a link to the relevant section in this guide.

    Permissions that apply to Chromebook management are denoted with an asterisk (*).

    Endpoint permissions

    Permission

    Link to description
    Manage LDAPs Manage connections to LDAP servers to import users from. See User Servers.
    Manage Google domains* Manage connections to Google domains to decide which Chromebooks to manage. See Google Domains.
    Manage custom groups Create, rename, and edit groups to manage endpoints. See Managing groups.
    Run commands on endpoints Perform actions to endpoints on the Endpoints pane, including uploading FortiClient logs, requesting diagnostic results, and so on. See Managing endpoints.

    Block/Unblock/Quarantine/Unquarantine/Reregister endpoints

    Manage endpoint access to the network through blocking, quarantine, and registration. See Managing endpoints.
    Manage and assign endpoint policies

    See Endpoint Policy.
    View group assignment rules

    View group assignment rules. See Group assignment rules.
    Manage group assignment rules

    Create, delete, and edit group assignment rules. See Group assignment rules.
    View endpoint filter bookmarks

    View endpoint filter bookmarks. See Using bookmarks to filter the list of endpoints.
    Manage endpoint filter bookmarks

    Create, delete, and edit endpoint filter bookmarks. See Using bookmarks to filter the list of endpoints.
    View quarantine management

    View lists of quarantined and allowlisted files. See Quarantine Management.
    Manage quarantine management

    Allowlist and restore quarantined files and remove files from the allowlist. See Quarantine Management.
    View software inventory

    See Software Inventory.
    Manage software inventory

    See Software Inventory.

    Policy permissions

    Permission

    Link to description

    View endpoint policies*

    View endpoint policies. See Endpoint Policy.
    View endpoint profiles* View endpoint profiles. See Endpoint Profiles.
    Manage endpoint profiles* Create, delete, and edit endpoint profiles. See Endpoint Profiles.

    View host verification rules

    View compliance verification rules. See Compliance Verification Rules.

    Manage host verification rules

    Create, delete, and edit compliance verification rules. See Compliance Verification Rules.
    View gateway lists View gateway lists. Telemetry Gateway Lists.
    Manage gateway lists Create, delete, and edit gateway lists. See Telemetry Gateway Lists.

    View installers

    View installers. Managing installers

    Manage installers

    Create, delete, and edit installers. See Managing installers.

    View CA certificates

    View CA certificates. See Policy Components.

    Manage CA certificates

    Upload, import, and delete CA certificates. See Policy Components.

    Setting permissions

    Permission

    Link to description
    View server settings* View Server settings. See Configuring Server settings
    Manage server settings* Modify Server settings. See Configuring Server settings.
    View FortiGuard settings View FortiGuard settings. See Configuring Fortinet Services settings.
    Manage FortiGuard settings Modify FortiGuard settings. See Configuring Fortinet Services settings.

    View endpoint settings

    View Endpoints settings. See Configuring Endpoints settings.

    Manage endpoint settings

    Modify Endpoints settings. See Configuring Endpoints settings.

    View login banner settings*

    View login banner settings. See Configuring the login banner.

    Manage login banner settings*

    Modify login banner settings. See Configuring the login banner.

    View alert settings*

    View Alerts settings. See Alerts.

    Manage alert settings*

    Modify Alerts settings. See Alerts.

    View custom message settings

    View endpoint quarantine message settings. See Customizing the endpoint quarantine message.

    Manage custom message settings

    Modify endpoint quarantine message settings. See Customizing the endpoint quarantine message.
    Previous
    Next

    Admin role permissions reference

    Admin role permissions reference

    The following tables list the permissions available when configuring an admin role. The tables also include a description of what the permission allows the user to do and a link to the relevant section in this guide.

    Permissions that apply to Chromebook management are denoted with an asterisk (*).

    Endpoint permissions

    Permission

    Link to description
    Manage LDAPs Manage connections to LDAP servers to import users from. See User Servers.
    Manage Google domains* Manage connections to Google domains to decide which Chromebooks to manage. See Google Domains.
    Manage custom groups Create, rename, and edit groups to manage endpoints. See Managing groups.
    Run commands on endpoints Perform actions to endpoints on the Endpoints pane, including uploading FortiClient logs, requesting diagnostic results, and so on. See Managing endpoints.

    Block/Unblock/Quarantine/Unquarantine/Reregister endpoints

    Manage endpoint access to the network through blocking, quarantine, and registration. See Managing endpoints.
    Manage and assign endpoint policies

    See Endpoint Policy.
    View group assignment rules

    View group assignment rules. See Group assignment rules.
    Manage group assignment rules

    Create, delete, and edit group assignment rules. See Group assignment rules.
    View endpoint filter bookmarks

    View endpoint filter bookmarks. See Using bookmarks to filter the list of endpoints.
    Manage endpoint filter bookmarks

    Create, delete, and edit endpoint filter bookmarks. See Using bookmarks to filter the list of endpoints.
    View quarantine management

    View lists of quarantined and allowlisted files. See Quarantine Management.
    Manage quarantine management

    Allowlist and restore quarantined files and remove files from the allowlist. See Quarantine Management.
    View software inventory

    See Software Inventory.
    Manage software inventory

    See Software Inventory.

    Policy permissions

    Permission

    Link to description

    View endpoint policies*

    View endpoint policies. See Endpoint Policy.
    View endpoint profiles* View endpoint profiles. See Endpoint Profiles.
    Manage endpoint profiles* Create, delete, and edit endpoint profiles. See Endpoint Profiles.

    View host verification rules

    View compliance verification rules. See Compliance Verification Rules.

    Manage host verification rules

    Create, delete, and edit compliance verification rules. See Compliance Verification Rules.
    View gateway lists View gateway lists. Telemetry Gateway Lists.
    Manage gateway lists Create, delete, and edit gateway lists. See Telemetry Gateway Lists.

    View installers

    View installers. Managing installers

    Manage installers

    Create, delete, and edit installers. See Managing installers.

    View CA certificates

    View CA certificates. See Policy Components.

    Manage CA certificates

    Upload, import, and delete CA certificates. See Policy Components.

    Setting permissions

    Permission

    Link to description
    View server settings* View Server settings. See Configuring Server settings
    Manage server settings* Modify Server settings. See Configuring Server settings.
    View FortiGuard settings View FortiGuard settings. See Configuring Fortinet Services settings.
    Manage FortiGuard settings Modify FortiGuard settings. See Configuring Fortinet Services settings.

    View endpoint settings

    View Endpoints settings. See Configuring Endpoints settings.

    Manage endpoint settings

    Modify Endpoints settings. See Configuring Endpoints settings.

    View login banner settings*

    View login banner settings. See Configuring the login banner.

    Manage login banner settings*

    Modify login banner settings. See Configuring the login banner.

    View alert settings*

    View Alerts settings. See Alerts.

    Manage alert settings*

    Modify Alerts settings. See Alerts.

    View custom message settings

    View endpoint quarantine message settings. See Customizing the endpoint quarantine message.

    Manage custom message settings

    Modify endpoint quarantine message settings. See Customizing the endpoint quarantine message.
    Previous
    Next