Fortinet white logo
Fortinet white logo

Administration Guide

User properties

User properties

The User Properties view provides access to detailed information about a single user. From this view you can access the associated host by clicking on the adapter's physical address displayed in the Registered Hosts tab at the bottom of the window.

Access user properties
  1. Select Users & Hosts > User Accounts.
  2. Search for the appropriate user.
  3. Select the user and either right-click or click Options.
  4. From the menu, select User Properties.
Settings

Field

Description

General

First Name

User's first name.

Last Name

User's last name.

ID

Unique alphanumeric ID for this user. Typically comes from the directory but if you are not using a directory, this field can be created manually. This field cannot be modified.

When using a directory for authentication, fields such as name, address, and email, are updated from the directory based on the user ID when the database synchronizes with the directory. This is true regardless of how the user is created and whether the user is locally authenticated or authenticated through the directory. If the user ID matches a user ID in the directory, the FortiNAC database is updated with the directory data.

Title

User's title, this could be a form of address or their title within the organization.

Role

Role assigned to the user. Roles are attributes of users that can be used as filters in user/host profiles. See Roles.

Security And Access Attribute Value

Value that typically comes from a field in the directory, but can be added manually. This value can be used as a filter to determine which policy to use when scanning a user's computer. The data in this field could be a department name, a type of user, a graduation class, a location or anything that distinguishes a group of users.

User Status

Radio buttons indicating whether the user is Enabled or Disabled. To enable or disable the user, click the appropriate button and then click Apply.

Allowed Hosts

The number of hosts that can be associated with or registered to this user and connect to the network. There are two ways to reach this total.

If the host is scanned by an agent or if adapters have been manually associated with hosts, then a single host with up to five adapters counts as one host.

If the host is not scanned by an agent or if the adapters have not been associated with specific hosts, then each adapter is counted individually as a host. In this scenario one host with two network adapters would be counted as two hosts.

Numbers entered in this field override the default setting in System > Settings > Network Device. Blank indicates that the default is used. See Network device.

If an administrator exceeds the number of hosts when registering a host to a user, a warning message is displayed indicating that the number of Allowed Hosts has been incremented and the additional hosts are registered to the user.

Time

Expiration Date

Controls the number of days a user is authorized on the network. User is deleted from the database when the date specified here has passed. The date is automatically calculated based on the information entered in the Set User Expiration date window.

To modify click Set. See Set user expiration date for additional information.

Inactivity Date

Controls the number of days a user is authorized on the network. User is deleted from the database when the date specified here has passed. The date is continuously recalculated based on the number of days entered for Inactivity Limit.

For example, if the user logs off the network on August 1st and Inactivity Limit is set to 2 days, the Inactivity Date becomes August 3rd. If on August 2nd the user logs back in again, the Inactivity Date is blank until the next time he logs out. Then the value is recalculated again. To modify click Set.

Inactivity Limit

Number of days the user must remain continuously inactive to be removed from the database. See Aging out host or user records.

Last Login/Logout

Date of the last time the user logged into or out of the network or the FortiNAC admin UI. This date is used to count the number of days of inactivity.

Delete Hosts Upon
Expiration

If set to Yes, hosts registered to the user are deleted when the user ages out of the database. To modify click Set.

Created

Indicates when this record was created in the database.

Tabs

Registered Hosts

Displays a list of hosts, by the MAC address of their adapters, registered to this user. Click on a MAC address to open the Host Properties.

Logged In Hosts

List of hosts by host name registered to this user that are currently logged onto the network.

Notes

Notes entered by the administrator. If this user registered as a guest, this section also contains information gathered at registration that does not have designated database fields, such as Person Visiting or Reason for Visit.

Buttons

Apply

Saves changes to the user properties.

Reset

Resets the values in the User Properties window to their previous settings. This option is only available if you have not clicked Apply.

User properties

User properties

The User Properties view provides access to detailed information about a single user. From this view you can access the associated host by clicking on the adapter's physical address displayed in the Registered Hosts tab at the bottom of the window.

Access user properties
  1. Select Users & Hosts > User Accounts.
  2. Search for the appropriate user.
  3. Select the user and either right-click or click Options.
  4. From the menu, select User Properties.
Settings

Field

Description

General

First Name

User's first name.

Last Name

User's last name.

ID

Unique alphanumeric ID for this user. Typically comes from the directory but if you are not using a directory, this field can be created manually. This field cannot be modified.

When using a directory for authentication, fields such as name, address, and email, are updated from the directory based on the user ID when the database synchronizes with the directory. This is true regardless of how the user is created and whether the user is locally authenticated or authenticated through the directory. If the user ID matches a user ID in the directory, the FortiNAC database is updated with the directory data.

Title

User's title, this could be a form of address or their title within the organization.

Role

Role assigned to the user. Roles are attributes of users that can be used as filters in user/host profiles. See Roles.

Security And Access Attribute Value

Value that typically comes from a field in the directory, but can be added manually. This value can be used as a filter to determine which policy to use when scanning a user's computer. The data in this field could be a department name, a type of user, a graduation class, a location or anything that distinguishes a group of users.

User Status

Radio buttons indicating whether the user is Enabled or Disabled. To enable or disable the user, click the appropriate button and then click Apply.

Allowed Hosts

The number of hosts that can be associated with or registered to this user and connect to the network. There are two ways to reach this total.

If the host is scanned by an agent or if adapters have been manually associated with hosts, then a single host with up to five adapters counts as one host.

If the host is not scanned by an agent or if the adapters have not been associated with specific hosts, then each adapter is counted individually as a host. In this scenario one host with two network adapters would be counted as two hosts.

Numbers entered in this field override the default setting in System > Settings > Network Device. Blank indicates that the default is used. See Network device.

If an administrator exceeds the number of hosts when registering a host to a user, a warning message is displayed indicating that the number of Allowed Hosts has been incremented and the additional hosts are registered to the user.

Time

Expiration Date

Controls the number of days a user is authorized on the network. User is deleted from the database when the date specified here has passed. The date is automatically calculated based on the information entered in the Set User Expiration date window.

To modify click Set. See Set user expiration date for additional information.

Inactivity Date

Controls the number of days a user is authorized on the network. User is deleted from the database when the date specified here has passed. The date is continuously recalculated based on the number of days entered for Inactivity Limit.

For example, if the user logs off the network on August 1st and Inactivity Limit is set to 2 days, the Inactivity Date becomes August 3rd. If on August 2nd the user logs back in again, the Inactivity Date is blank until the next time he logs out. Then the value is recalculated again. To modify click Set.

Inactivity Limit

Number of days the user must remain continuously inactive to be removed from the database. See Aging out host or user records.

Last Login/Logout

Date of the last time the user logged into or out of the network or the FortiNAC admin UI. This date is used to count the number of days of inactivity.

Delete Hosts Upon
Expiration

If set to Yes, hosts registered to the user are deleted when the user ages out of the database. To modify click Set.

Created

Indicates when this record was created in the database.

Tabs

Registered Hosts

Displays a list of hosts, by the MAC address of their adapters, registered to this user. Click on a MAC address to open the Host Properties.

Logged In Hosts

List of hosts by host name registered to this user that are currently logged onto the network.

Notes

Notes entered by the administrator. If this user registered as a guest, this section also contains information gathered at registration that does not have designated database fields, such as Person Visiting or Reason for Visit.

Buttons

Apply

Saves changes to the user properties.

Reset

Resets the values in the User Properties window to their previous settings. This option is only available if you have not clicked Apply.