Admin profiles and permissions
Admin profiles are templates assigned to administrative users to define what a user can do in FortiNAC. Every administrative user is required to have an admin profile. An admin profile can be assigned to more than one Administrative User.
Each admin profile contains a list of permissions that are inherited by the associated Administrative Users. Permissions configured in Admin Profiles control the views in FortiNAC that can be accessed. If permission for access is given, in most cases, the Administrative User can Add/Modify and Delete data.
If an Admin Profile that is in use is changed, the changes do not take effect until the associated Administrative Users log out of FortiNAC and log in again. |
Custom setting
For special functions such as Guest Manager or Device Profiler there are Advanced permissions. Advanced permissions control items such as the Guest Account templates that can be used by someone with permission for Guest/Contractor Accounts.
Landing page
Admin Profiles also designate the first screen or landing page displayed when the Administrative User logs into FortiNAC, days and times that users can log in and the number of minutes of inactivity that trigger an automatic logout. Due to the complexity of the permissions structure, it is recommended that you define the job functions of your Administrative Users to ensure that you have considered the permissions required for each Admin Profile.
Profile mapping
Admin Profiles can be mapped to Groups to automatically assign a profile to Administrative Users as they are added to selected groups. Note that if Admin Profile Mapping is configured, moving an Administrative User to a group that is mapped changes their profile to the profile for the group. See Mappings process for additional information.
Administrator profile
The Administrator profile is a default system profile that cannot be copied, deleted or renamed. This is the only profile that has access to every view in FortiNAC including: Admin Users, Admin Profiles and the Quick Start wizard. See Default administrator profiles.
See Navigation and Filters for information on common navigation tools and data filters.
Settings
Field |
Definition |
||
---|---|---|---|
Name |
User specified name for the profile. This name is displayed in the Admin User window when you are attaching the profile to an Administrative User. |
||
Inactivity Time |
User is logged out after this amount of time has elapsed without any activity. |
||
Login Availability |
Indicates when users with this profile can log in to FortiNAC. Options include: Always or Specify Time. If you choose Specify Time, the user is limited to certain times of day and days of the week. |
||
Landing Page |
Indicates the first view displayed when an Admin User with this profile logs into FortiNAC. |
||
Note |
User specified note field. This field may contain notes regarding the data conversion from a previous version of FortiNAC |
||
Last Modified By |
User name of the last user to modify the profile. |
||
Last Modified Date |
Date and time of the last modification to this profile. |
||
Right click options & buttons |
|||
Export |
Exports the data displayed to a file in the default downloads location. File types include CSV, Excel, PDF or RTF. See Export data. |
||
Copy |
Copy the selected Profile to create a new record. The Administrator Profile cannot be copied. |
||
Delete |
Deletes the selected Profile. Profiles cannot be deleted if they are in use. The Administrator Profile can never be deleted. |
||
Modify |
Opens the Modify Admin Profile window for the selected profile. On the Administrator Profile only the Inactivity Time can be modified. |
||
In Use |
Opens a list of Administrative Users that have the selected profile attached. |
||
Show Audit Log |
Opens the Admin Auditing Log showing all changes made to the selected item. For information about the Admin Auditing Log, see Admin auditing.
|