Fortinet black logo

Administration Guide

Add an administrative user for device profiler

Copy Link
Copy Doc ID 825689eb-200d-11e9-b6f6-f8bc1258b856:75584
Download PDF

Add an administrative user for device profiler

If you are creating Admin Users to manage guests or devices, you must create an Administrative User who has the appropriate Admin User Profile associated. See Admin profiles and permissions.

  1. Select Users > Admin Users.
  2. Click the Add button.
  3. In the User ID window displayed, enter an alphanumeric User ID for the new Admin user and click OK. As you enter the User ID, the network user database is checked to see if there is a current user with the same ID and a drop-down list of matching users is displayed. If you enter an ID that already exists as a regular network user, the network user and the Admin user become the same person with a single account.

    This allows you to give a network user administrator privileges to help with some administrative tasks.

  4. Use the table of Settings below to complete the information in the Add User dialog.
  5. Click OK to save the new user.

Settings

Field

Definition

Authentication Type

Authentication method used for this Admin user. Types include:

  • Local — Validates the user to a database on the local FortiNAC appliance.
  • LDAP — Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory.
  • RADIUS — Validates the user to a RADIUS server.

Admin Profile

Profiles control permissions for administrative users. See Admin profiles and permissions.

  • Add — Opens the Admin Profiles window allowing you to create a new profile without exiting the Add User window.
  • Modify — Allows you to modify the selected Admin Profile. Note that modifications to the profile affect all Administrative Users that have been assigned that profile.

User ID

Unique alphanumeric ID for this user.

Password

Password used for local authentication.

Note

If you authenticate users through LDAP or RADIUS, the password field is disabled and the user must log in with his LDAP or RADIUS password.

First Name

User's first name.

Last Name

User's last name.

Address

Optional demographic information.

City

State

Zip/Postal Code

Phone

E-mail

E-mail address used to send system notifications associated with features such as alarms or profiled devices. Also used to send Guest Self-Registration Requests from guests requesting an account. For multiple e-mail addresses, enter addresses separated by commas or semi-colons. Messages are sent to all e-mail addresses provided.

Title

User's title, such as Mr. or Ms.

Mobile Number

Mobile Phone number used for sending SMS messages to administrators.

Mobile Provider

Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@email.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.

Notes

Free form notes field for additional information.

User Never Expires

If enabled, Admin users are never aged out of the database. The default is enabled.

Note

Admin Users assigned the Administrator Profile cannot be aged out.

Propagate Hosts

The Propagate Hosts setting controls whether or not the record for the host owned by the user is copied to all managed FortiNAC appliances. This field is only displayed if the FortiNAC server is managed by a FortiNAC Control Manager.

Add an administrative user for device profiler

If you are creating Admin Users to manage guests or devices, you must create an Administrative User who has the appropriate Admin User Profile associated. See Admin profiles and permissions.

  1. Select Users > Admin Users.
  2. Click the Add button.
  3. In the User ID window displayed, enter an alphanumeric User ID for the new Admin user and click OK. As you enter the User ID, the network user database is checked to see if there is a current user with the same ID and a drop-down list of matching users is displayed. If you enter an ID that already exists as a regular network user, the network user and the Admin user become the same person with a single account.

    This allows you to give a network user administrator privileges to help with some administrative tasks.

  4. Use the table of Settings below to complete the information in the Add User dialog.
  5. Click OK to save the new user.

Settings

Field

Definition

Authentication Type

Authentication method used for this Admin user. Types include:

  • Local — Validates the user to a database on the local FortiNAC appliance.
  • LDAP — Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory.
  • RADIUS — Validates the user to a RADIUS server.

Admin Profile

Profiles control permissions for administrative users. See Admin profiles and permissions.

  • Add — Opens the Admin Profiles window allowing you to create a new profile without exiting the Add User window.
  • Modify — Allows you to modify the selected Admin Profile. Note that modifications to the profile affect all Administrative Users that have been assigned that profile.

User ID

Unique alphanumeric ID for this user.

Password

Password used for local authentication.

Note

If you authenticate users through LDAP or RADIUS, the password field is disabled and the user must log in with his LDAP or RADIUS password.

First Name

User's first name.

Last Name

User's last name.

Address

Optional demographic information.

City

State

Zip/Postal Code

Phone

E-mail

E-mail address used to send system notifications associated with features such as alarms or profiled devices. Also used to send Guest Self-Registration Requests from guests requesting an account. For multiple e-mail addresses, enter addresses separated by commas or semi-colons. Messages are sent to all e-mail addresses provided.

Title

User's title, such as Mr. or Ms.

Mobile Number

Mobile Phone number used for sending SMS messages to administrators.

Mobile Provider

Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@email.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.

Notes

Free form notes field for additional information.

User Never Expires

If enabled, Admin users are never aged out of the database. The default is enabled.

Note

Admin Users assigned the Administrator Profile cannot be aged out.

Propagate Hosts

The Propagate Hosts setting controls whether or not the record for the host owned by the user is copied to all managed FortiNAC appliances. This field is only displayed if the FortiNAC server is managed by a FortiNAC Control Manager.