config system accprofile
Configure access profiles for system administrators.
config system accprofile Description: Configure access profiles for system administrators. edit <name> set admintimeout {integer} set admintimeout-override [enable|disable] set authgrp [none|read|...] set comments {var-string} set ftviewgrp [none|read|...] set fwgrp [none|read|...] config fwgrp-permission Description: Custom firewall permission. set policy [none|read|...] set address [none|read|...] set service [none|read|...] set schedule [none|read|...] end set loggrp [none|read|...] config loggrp-permission Description: Custom Log & Report permission. set config [none|read|...] set data-access [none|read|...] set report-access [none|read|...] set threat-weight [none|read|...] end set netgrp [none|read|...] config netgrp-permission Description: Custom network permission. set cfg [none|read|...] set packet-capture [none|read|...] set route-cfg [none|read|...] end set scope [vdom|global] set secfabgrp [none|read|...] set sysgrp [none|read|...] config sysgrp-permission Description: Custom system permission. set admin [none|read|...] set upd [none|read|...] set cfg [none|read|...] set mnt [none|read|...] end set utmgrp [none|read|...] config utmgrp-permission Description: Custom Security Profile permissions. set antivirus [none|read|...] set ips [none|read|...] set webfilter [none|read|...] set emailfilter [none|read|...] set data-loss-prevention [none|read|...] set application-control [none|read|...] set icap [none|read|...] set voip [none|read|...] set waf [none|read|...] set dnsfilter [none|read|...] set endpoint-control [none|read|...] end set vpngrp [none|read|...] set wanoptgrp [none|read|...] set wifi [none|read|...] next end
config system accprofile
Parameter |
Description |
Type |
Size |
|||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
admintimeout |
Administrator timeout for this access profile. |
integer |
Minimum value: 1 Maximum value: 480 |
|||||||||||
admintimeout-override |
Enable/disable overriding the global administrator idle timeout. |
option |
- |
|||||||||||
|
|
|||||||||||||
authgrp |
Administrator access to Users and Devices. |
option |
- |
|||||||||||
|
|
|||||||||||||
comments |
Comment. |
var-string |
Maximum length: 255 |
|||||||||||
ftviewgrp |
FortiView. |
option |
- |
|||||||||||
|
|
|||||||||||||
fwgrp |
Administrator access to the Firewall configuration. |
option |
- |
|||||||||||
|
|
|||||||||||||
loggrp |
Administrator access to Logging and Reporting including viewing log messages. |
option |
- |
|||||||||||
|
|
|||||||||||||
name |
Profile name. |
string |
Maximum length: 35 |
|||||||||||
netgrp |
Network Configuration. |
option |
- |
|||||||||||
|
|
|||||||||||||
scope |
Scope of admin access: global or specific VDOM(s). |
option |
- |
|||||||||||
|
|
|||||||||||||
secfabgrp |
Security Fabric. |
option |
- |
|||||||||||
|
|
|||||||||||||
sysgrp |
System Configuration. |
option |
- |
|||||||||||
|
|
|||||||||||||
utmgrp |
Administrator access to Security Profiles. |
option |
- |
|||||||||||
|
|
|||||||||||||
vpngrp |
Administrator access to IPsec, SSL, PPTP, and L2TP VPN. |
option |
- |
|||||||||||
|
|
|||||||||||||
wanoptgrp * |
Administrator access to WAN Opt & Cache. |
option |
- |
|||||||||||
|
|
|||||||||||||
wifi |
Administrator access to the WiFi controller and Switch controller. |
option |
- |
|||||||||||
|
|
* This parameter may not exist in some models.
config fwgrp-permission
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
policy |
Policy Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
address |
Address Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
service |
Service Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
schedule |
Schedule Configuration. |
option |
- |
|||||||||
|
|
config loggrp-permission
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
config |
Log & Report configuration. |
option |
- |
|||||||||
|
|
|||||||||||
data-access |
Log & Report Data Access. |
option |
- |
|||||||||
|
|
|||||||||||
report-access |
Log & Report Report Access. |
option |
- |
|||||||||
|
|
|||||||||||
threat-weight |
Log & Report Threat Weight. |
option |
- |
|||||||||
|
|
config netgrp-permission
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
cfg |
Network Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
packet-capture |
Packet Capture Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
route-cfg |
Router Configuration. |
option |
- |
|||||||||
|
|
config sysgrp-permission
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
admin |
Administrator Users. |
option |
- |
|||||||||
|
|
|||||||||||
upd |
FortiGuard Updates. |
option |
- |
|||||||||
|
|
|||||||||||
cfg |
System Configuration. |
option |
- |
|||||||||
|
|
|||||||||||
mnt |
Maintenance. |
option |
- |
|||||||||
|
|
config utmgrp-permission
Parameter |
Description |
Type |
Size |
|||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
antivirus |
Antivirus profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
ips |
IPS profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
webfilter |
Web Filter profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
emailfilter |
AntiSpam filter and settings. |
option |
- |
|||||||||
|
|
|||||||||||
data-loss-prevention |
DLP profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
application-control |
Application Control profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
icap |
ICAP profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
voip |
VoIP profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
waf |
Web Application Firewall profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
dnsfilter |
DNS Filter profiles and settings. |
option |
- |
|||||||||
|
|
|||||||||||
endpoint-control |
FortiClient Profiles. |
option |
- |
|||||||||
|
|