Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiNAC 8.5.2 Administration Guide
    8.5.2
    9.4.0
    9.2.0
    9.1.0
    8.8.0
    8.7.0
    8.6.0
    8.5.2
    8.3.0

    Admin users

    Admin users

    The Admin users view displays a list of existing system users. Use this window to add, modify or delete FortiNAC users. Admin users are also network users, therefore, FortiNAC also displays them in the Users View. If you are logged in as an Admin user, you cannot delete the Admin user account that you are using.

    Note

    Administrator users cannot select a different admin profile for their own account. Use a second administrator account to access the administrator user and select a different admin profile.

    If there are more than 1000 admin users in the database, the users are not automatically displayed. Instead, a confirmation dialog is shown asking if you would like to continue. Note that large numbers of records may load very slowly if not filtered. Choose Yes to display all admin users or No to reduce the number displayed by using the filters.

    Admin Users can be accessed from Users > Admin Users or from System > Quick Start > Authentication Settings, however configuration steps point you to Users > Admin Users.

    See Navigation and Filters for information on common navigation tools and data filters.

    Settings

    Fields used in filters are also defined in this table.

    Field

    Definition

    Add Filter drop-down list

    Allows you to select a field from the current view to filter information. Select the field from the drop-down list, and then enter the information you wish to filter. See Filters.

    Update button

    Displays the filtered data in the table.

    Admin users

    User ID

    Unique alphanumeric ID for this user. Required.

    First Name

    User's first name.

    Last Name

    User's last name. Required.

    Type

    Indicates the type of Admin user being created. Types include Administrator and Administrative.

    Admin Profile

    Admin Users must have an associated Admin Profile that provides them with permissions for features in FortiNAC. Click the link in the Admin Users table for the selected user to go to the profile displayed. See Admin profiles.

    Auth Type

    Authentication method used for this Admin user. Types include:

    • Local — Validates the user to a database on the local (Undefined variable: User_Guide.ProductAbbrev) appliance.
    • LDAP — Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory.
    • RADIUS — Validates the user to a RADIUS server.

    E-mail

    E-mail address used to send system notifications associated with features such as alarms or profiled devices.

    Phone

    Optional demographic information.

    Address

    City

    State

    Postal Code

    Title

    Mobile Number

    Mobile Phone number used for sending SMS messages to administrators.

    Mobile Provider

    Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@emai.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.

    User Expires

    The user is deleted from the database when the date specified here has passed. The date is automatically calculated based on the information entered when Aging is configured. The default setting for Administrator users is blank or Never Expire. Administrative Users may or may not have an expiration date depending on how the account was created. See Aging out host or user records. To configure aging see, Set user expiration date.

    Note

    Admin Users assigned the Administrator Profile cannot be aged out.

    User Inactivity Date

    Controls the number of days a User is authorized on the network. User is deleted from the database when the date specified here has passed. The date is continuously recalculated based on the information entered in the Days Inactive field. See Aging out host or user records.

    User Inactivity Limit

    Number of days the user must remain continuously inactive on the network to be removed from the database. See Aging out host or user records.

    Last Login/Logout

    Date of the last time the user logged into or out of the network or the FortiNAC Admin UI. This date is used to count the number of days of inactivity.

    Last Modified By

    User name of the last user to modify the admin user.

    Last Modified Date

    Date and time of the last modification to this admin user.

    Right click menu options

    Copy

    Copy the selected User to create a new record.

    Delete

    Deletes the selected User.

    Group Membership

    Displays groups in which the selected user is a member.

    Note

    Admin Users are also regular Users, therefore, separate options are displayed for Admin User Groups and User Groups. Options are labeled Group Membership (User) and Group Membership (Administrator).

    Groups

    Displays groups in which the selected user is a member. See Group membership.

    Modify

    Opens the Modify User window for the selected profile.

    Set Admin Profile

    Allows you to modify the Admin Profile for one or more users. This also allows you to remove the "Administrator" Profile for a user without the need to first delete and then recreate the user. See Modify a user's admin profile

    Set Expiration

    Launches a tool to set the date and time for the user to age out of the database. See Set user expiration date.

    Edit Theme

    Opens the User Theme dialog and allows you to modify the look and feel of the user interface for each Admin User.

    Import/Export

    Import and Export options allow you to import users into the database from a CSV file or export a list of selected hosts to CSV, Excel, PDF or RTF formats. See Import admin users and Export data.
    Previous
    Next

    Admin users

    Admin users

    The Admin users view displays a list of existing system users. Use this window to add, modify or delete FortiNAC users. Admin users are also network users, therefore, FortiNAC also displays them in the Users View. If you are logged in as an Admin user, you cannot delete the Admin user account that you are using.

    Note

    Administrator users cannot select a different admin profile for their own account. Use a second administrator account to access the administrator user and select a different admin profile.

    If there are more than 1000 admin users in the database, the users are not automatically displayed. Instead, a confirmation dialog is shown asking if you would like to continue. Note that large numbers of records may load very slowly if not filtered. Choose Yes to display all admin users or No to reduce the number displayed by using the filters.

    Admin Users can be accessed from Users > Admin Users or from System > Quick Start > Authentication Settings, however configuration steps point you to Users > Admin Users.

    See Navigation and Filters for information on common navigation tools and data filters.

    Settings

    Fields used in filters are also defined in this table.

    Field

    Definition

    Add Filter drop-down list

    Allows you to select a field from the current view to filter information. Select the field from the drop-down list, and then enter the information you wish to filter. See Filters.

    Update button

    Displays the filtered data in the table.

    Admin users

    User ID

    Unique alphanumeric ID for this user. Required.

    First Name

    User's first name.

    Last Name

    User's last name. Required.

    Type

    Indicates the type of Admin user being created. Types include Administrator and Administrative.

    Admin Profile

    Admin Users must have an associated Admin Profile that provides them with permissions for features in FortiNAC. Click the link in the Admin Users table for the selected user to go to the profile displayed. See Admin profiles.

    Auth Type

    Authentication method used for this Admin user. Types include:

    • Local — Validates the user to a database on the local (Undefined variable: User_Guide.ProductAbbrev) appliance.
    • LDAP — Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory.
    • RADIUS — Validates the user to a RADIUS server.

    E-mail

    E-mail address used to send system notifications associated with features such as alarms or profiled devices.

    Phone

    Optional demographic information.

    Address

    City

    State

    Postal Code

    Title

    Mobile Number

    Mobile Phone number used for sending SMS messages to administrators.

    Mobile Provider

    Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@emai.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.

    User Expires

    The user is deleted from the database when the date specified here has passed. The date is automatically calculated based on the information entered when Aging is configured. The default setting for Administrator users is blank or Never Expire. Administrative Users may or may not have an expiration date depending on how the account was created. See Aging out host or user records. To configure aging see, Set user expiration date.

    Note

    Admin Users assigned the Administrator Profile cannot be aged out.

    User Inactivity Date

    Controls the number of days a User is authorized on the network. User is deleted from the database when the date specified here has passed. The date is continuously recalculated based on the information entered in the Days Inactive field. See Aging out host or user records.

    User Inactivity Limit

    Number of days the user must remain continuously inactive on the network to be removed from the database. See Aging out host or user records.

    Last Login/Logout

    Date of the last time the user logged into or out of the network or the FortiNAC Admin UI. This date is used to count the number of days of inactivity.

    Last Modified By

    User name of the last user to modify the admin user.

    Last Modified Date

    Date and time of the last modification to this admin user.

    Right click menu options

    Copy

    Copy the selected User to create a new record.

    Delete

    Deletes the selected User.

    Group Membership

    Displays groups in which the selected user is a member.

    Note

    Admin Users are also regular Users, therefore, separate options are displayed for Admin User Groups and User Groups. Options are labeled Group Membership (User) and Group Membership (Administrator).

    Groups

    Displays groups in which the selected user is a member. See Group membership.

    Modify

    Opens the Modify User window for the selected profile.

    Set Admin Profile

    Allows you to modify the Admin Profile for one or more users. This also allows you to remove the "Administrator" Profile for a user without the need to first delete and then recreate the user. See Modify a user's admin profile

    Set Expiration

    Launches a tool to set the date and time for the user to age out of the database. See Set user expiration date.

    Edit Theme

    Opens the User Theme dialog and allows you to modify the look and feel of the user interface for each Admin User.

    Import/Export

    Import and Export options allow you to import users into the database from a CSV file or export a list of selected hosts to CSV, Excel, PDF or RTF formats. See Import admin users and Export data.
    Previous
    Next