Administrators
The Administrators menu allows you to configure administrator user accounts.
If the user whose Admin Profile does not have Read Write privilege under System > Admin access, the user will only be able to view and edit its own information.
The following options are available:
Create New |
Select to create a new administrator account. |
Edit |
Select an administrator account from the list and select Edit in the toolbar to edit the entry. |
Delete |
Select an administrator account from the list and select Delete in the toolbar to delete the entry. |
Test Login |
Select a LDAP/RADIUS administrator account from the list and select Test Login to test the user's login settings. If an error occurs, a detailed debug message will display. |
The following information is displayed:
Name |
Displays the administrator account name. |
Type |
The administrator type:
|
Profile |
The Admin Profile the user belongs to. |
To create a new user:
- Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
- Select + Create New from the toolbar.
- Configure the following:
Administrator
Enter a name for the new administrator account. The administrator name must be 1 to 30 characters long and may only contain upper-case letters, lower-case letters, numbers, and the underscore character _.
Enter a password for the account. The password must be 6 to 64 characters long and may contain upper-case letters, lower-case letters, numbers, and special characters.
This field is available when Type is set to Local.
Confirm Password
Confirm the password for the account.
This field is available when Type is set to Local.
Type
Select either Local, LDAP, or RADIUS.
LDAP Server
When Type is LDAP, select the LDAP server from the drop-down list. For information on creating an LDAP server, see LDAP Servers.
RADIUS Server
When Type is RADIUS, select the RADIUS server from the drop-down list. For information on creating a RADIUS server, see RADIUS Servers.
Admin Profile
Select the Admin Profile the user belongs to.
Trusted Host 1, Trusted Host 2, Trusted Host 3
Enter up to three IPv4 trusted hosts. Only users from trusted hosts can access FortiDeceptor.
Trusted IPv6 Host 1, Trusted IPv6 Host 2, Trusted IPv6 Host 3
Enter up to three IPv6 trusted hosts. Only users from trusted hosts can access FortiDeceptor.
Comments
Enter an optional description comment for the administrator account.
- Select OK to create the new user.
To edit a user account:
- Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
- Select the name of the user you would like to edit and select Edit from the toolbar.
- Edit the account as required and then re-type the new password in the confirmation field.
- Click OK to apply the changes.
When editing the admin account, you will be required to type the old password before you can set a new password. |
Only the admin user can edit its own settings. |
To delete one or more user accounts:
- Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
- Select the user account you want to delete.
- Select Delete from the toolbar.
- Select Yes, I'm sure in the confirmation page to delete the selected user or users.
To test LDAP/RADIUS logins:
- Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
- Select an LDAP/RADIUS user to test.
- Select Test Login from the toolbar.
- In the dialog box, enter the user's password.
- Click OK.
If an error occurs, a detailed debug message will appear.
When a remote RADIUS server is configured for two-factor authentication, RADIUS users must enter a FortiToken pin code or the code from email/SMS to complete login. For example, after the user clicks Login, the user must enter the code, and click Submit to complete the login. A pin code is also needed for the test login page. |