config user local
Configure local users.
config user local Description: Configure local users. edit <name> set auth-concurrent-override [enable|disable] set auth-concurrent-value {integer} set authtimeout {integer} set email-to {string} set fortitoken {string} set id {integer} set ldap-server {string} set passwd {password} set passwd-policy {string} set passwd-time {user} set ppk-identity {string} set ppk-secret {password-3} set radius-server {string} set sms-custom-server {string} set sms-phone {string} set sms-server [fortiguard|custom] set status [enable|disable] set tacacs+-server {string} set two-factor [disable|fortitoken|...] set two-factor-authentication [fortitoken|email|...] set two-factor-notification [email|sms] set type [password|radius|...] set username-sensitivity [disable|enable] set workstation {string} next end
config user local
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
auth-concurrent-override |
Enable/disable overriding the policy-auth-concurrent under config system global. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
auth-concurrent-value |
Maximum number of concurrent logins permitted from the same user. |
integer |
Minimum value: 0 Maximum value: 100 |
|||||||||||||
authtimeout |
Time in minutes before the authentication timeout for a user is reached. |
integer |
Minimum value: 0 Maximum value: 1440 |
|||||||||||||
email-to |
Two-factor recipient's email address. |
string |
Maximum length: 63 |
|||||||||||||
fortitoken |
Two-factor recipient's FortiToken serial number. |
string |
Maximum length: 16 |
|||||||||||||
id |
User ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||
ldap-server |
Name of LDAP server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||||
name |
User name. |
string |
Maximum length: 64 |
|||||||||||||
passwd |
User's password. |
password |
Not Specified |
|||||||||||||
passwd-policy |
Password policy to apply to this user, as defined in config user password-policy. |
string |
Maximum length: 35 |
|||||||||||||
passwd-time |
Time of the last password update. |
user |
Not Specified |
|||||||||||||
ppk-identity |
IKEv2 Postquantum Preshared Key Identity. |
string |
Maximum length: 35 |
|||||||||||||
ppk-secret |
IKEv2 Postquantum Preshared Key (ASCII string or hexadecimal encoded with a leading 0x). |
password-3 |
Not Specified |
|||||||||||||
radius-server |
Name of RADIUS server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||||
sms-custom-server |
Two-factor recipient's SMS server. |
string |
Maximum length: 35 |
|||||||||||||
sms-phone |
Two-factor recipient's mobile phone number. |
string |
Maximum length: 15 |
|||||||||||||
sms-server |
Send SMS through FortiGuard or other external server. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
status |
Enable/disable allowing the local user to authenticate with the FortiGate unit. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
tacacs+-server |
Name of TACACS+ server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||||
two-factor |
Enable/disable two-factor authentication. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
two-factor-authentication |
Authentication method by FortiToken Cloud. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
two-factor-notification |
Notification method for user activation by FortiToken Cloud. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
type |
Authentication method. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
username-sensitivity |
Enable/disable case and accent sensitivity when performing username matching (accents are stripped and case is ignored when disabled). |
option |
- |
|||||||||||||
|
|
|||||||||||||||
workstation |
Name of the remote user workstation, if you want to limit the user to authenticate only from a particular workstation. |
string |
Maximum length: 35 |