Skip to main content
Akid
Akid
New Member
May 11, 2018
Question

Autorize a specific command with Administrator profile

  • May 11, 2018
  • 1 reply
  • 3201 views

Hi there,

I would like to know how to allow a profile to use the "diagnose" command. Currently we have a readonly profile with everything set to readonly, but we don't know wich section is in control for the access to this command.

Is there a document who describe the relationship between access control sections and commands related to it ?

 

Regards !

    1 reply

    emnoc
    emnoc
    New Member
    May 11, 2018

    I don't believe that would be possible, the AAA function in  FortiOS is a "access profile" based and not commands.

    Nicholas_Doropoulos
    Nicholas_Doropoulos
    New Member
    May 11, 2018

    Hi Akid,

     

    Below is a document that should explain how different admin profiles can be created:

     

    http://help.fortinet.com/fweb/537/Content/FortiWeb/fortiweb-admin/config_access_profiles.htm

     

    That being said, Fortigate is not modular enough yet to associate a profile with a subset of specified commands.

     

    I hope that helps.

    Terms & ConditionsAccessibility statement