Fortinet black logo

Administration Guide

Home FortiDeceptor 3.0.0 Administration Guide

Administrators

3.0.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 7231d54a-211f-11ea-9384-00505692583a:151833
Download PDF

Administrators

Use the Administrators page to configure administrator user accounts.

If the user whose Admin Profile does not have Read Write privilege under System > Admin access, the user can only view and edit their own information.

The following options are available:

Create New

Create a new administrator account.

Edit

Edit the selected entry.

Delete

Delete the selected entry.

Test Login

Test the selected user's login settings. If an error occurs, a debug message appears.

The following information is displayed:

Name

The administrator account name.

Type

The administrator type:

  • Local
  • LDAP
  • RADIUS

Profile

The Admin Profile the user belongs to.
To create a new user:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Click Create New.
  3. Configure the following:

    Administrator

    Name of the administrator account. The name must be 1 to 30 characters using only upper-case letters, lower-case letters, numbers, or the underscore character (_).

    Password

    Password of the account. The password must be 6 to 64 characters using only upper-case letters, lower-case letters, numbers, or special characters.

    This field is available when Type is set to Local.

    Confirm Password

    Confirm the password for the account.

    Type

    Select Local, LDAP, or RADIUS.

    LDAP Server

    When Type is LDAP, select a LDAP Server. For information on creating an LDAP server, see LDAP Servers.

    RADIUS Server

    When Type is RADIUS, select a RADIUS Server. For information on creating a RADIUS server, see RADIUS Servers.

    Admin Profile

    Select the Admin Profile.

    Trusted Host 1, Trusted Host 2, Trusted Host 3

    Enter up to three IPv4 trusted hosts. Only users from trusted hosts can access FortiDeceptor.

    Trusted IPv6 Host 1, Trusted IPv6 Host 2, Trusted IPv6 Host 3

    Enter up to three IPv6 trusted hosts. Only users from trusted hosts can access FortiDeceptor.

    Comments

    Enter an optional comment.

    Setting trusted hosts for administrators limits what computers an administrator can use to log into FortiDeceptor. When you identify a trusted host, FortiDeceptor only accepts the administrator’s login from the configured IP address or subnet. Attempts to log in with the same credentials from another IP address or subnet are dropped.
  4. Click OK.
To edit a user account:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Select the name of the user you want to edit and click Edit.

    Only the admin user can edit its own settings.

    You must enter old password before you can set a new password.

  3. Edit the account and click OK.
To delete one or more user accounts:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Select the user account you want to delete.
  3. Click Delete and confirm that you want to delete the user.
To test LDAP/RADIUS logins:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
  2. Select an LDAP/RADIUS user to test.
  3. Click Test Login.
  4. Enter the user password.
  5. Click OK.

    If an error occurs, a debug message appears.

When a remote RADIUS server is configured for two-factor authentication, RADIUS users must enter a FortiToken code or the code from email/SMS to complete login. For example, after the user clicks Login, the user must enter the code and click Submit to complete the login.

You also need a code for the test login.
Previous
Next

Administrators

Use the Administrators page to configure administrator user accounts.

If the user whose Admin Profile does not have Read Write privilege under System > Admin access, the user can only view and edit their own information.

The following options are available:

Create New

Create a new administrator account.

Edit

Edit the selected entry.

Delete

Delete the selected entry.

Test Login

Test the selected user's login settings. If an error occurs, a debug message appears.

The following information is displayed:

Name

The administrator account name.

Type

The administrator type:

  • Local
  • LDAP
  • RADIUS

Profile

The Admin Profile the user belongs to.
To create a new user:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Click Create New.
  3. Configure the following:

    Administrator

    Name of the administrator account. The name must be 1 to 30 characters using only upper-case letters, lower-case letters, numbers, or the underscore character (_).

    Password

    Password of the account. The password must be 6 to 64 characters using only upper-case letters, lower-case letters, numbers, or special characters.

    This field is available when Type is set to Local.

    Confirm Password

    Confirm the password for the account.

    Type

    Select Local, LDAP, or RADIUS.

    LDAP Server

    When Type is LDAP, select a LDAP Server. For information on creating an LDAP server, see LDAP Servers.

    RADIUS Server

    When Type is RADIUS, select a RADIUS Server. For information on creating a RADIUS server, see RADIUS Servers.

    Admin Profile

    Select the Admin Profile.

    Trusted Host 1, Trusted Host 2, Trusted Host 3

    Enter up to three IPv4 trusted hosts. Only users from trusted hosts can access FortiDeceptor.

    Trusted IPv6 Host 1, Trusted IPv6 Host 2, Trusted IPv6 Host 3

    Enter up to three IPv6 trusted hosts. Only users from trusted hosts can access FortiDeceptor.

    Comments

    Enter an optional comment.

    Setting trusted hosts for administrators limits what computers an administrator can use to log into FortiDeceptor. When you identify a trusted host, FortiDeceptor only accepts the administrator’s login from the configured IP address or subnet. Attempts to log in with the same credentials from another IP address or subnet are dropped.
  4. Click OK.
To edit a user account:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Select the name of the user you want to edit and click Edit.

    Only the admin user can edit its own settings.

    You must enter old password before you can set a new password.

  3. Edit the account and click OK.
To delete one or more user accounts:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access and go to System > Administrators.
  2. Select the user account you want to delete.
  3. Click Delete and confirm that you want to delete the user.
To test LDAP/RADIUS logins:
  1. Log in as a user whose Admin Profile has Read/Write privileges under System > Admin access, and go to System > Administrators.
  2. Select an LDAP/RADIUS user to test.
  3. Click Test Login.
  4. Enter the user password.
  5. Click OK.

    If an error occurs, a debug message appears.

When a remote RADIUS server is configured for two-factor authentication, RADIUS users must enter a FortiToken code or the code from email/SMS to complete login. For example, after the user clicks Login, the user must enter the code and click Submit to complete the login.

You also need a code for the test login.
Previous
Next