Fortigate 50B group issues

Forum|Forum|8 years ago
October 24, 2017
2 replies
4215 views

I recently inherited a fortigate 50B running v4.0,build0513,120130 (MR3 Patch 5) (we're typically a SonicWALL shop). I'm new to Fortigates, and have run into an issue I can't seem to find a solution for.

I have one user group that I cannot add or remove users from. When I run a Show command from the CLI it lists:

config user group edit "group1" set sslvpn-portal "tunnel-access" set member "user1" "user2" "" next end

I believe the issue is caused by the trailing "" but my google fu has failed me, and I'm unable to come up with a solution.

Has anyone run into this in the past?

Toshi_Esumi

SuperUser

What kind of error do you get if you try overriding it with

set member "user1" "user2"

or,

unset member

(to recreate from scratch)?

muller_scottAuthor

New Member

From the CLI I get:

commands.c:3925 cmf_query_table_delete() error Command fail. Return code -1

From the gui, if I try to remove or add a user to the group I get:

Invalid length of value.

Toshi_Esumi

SuperUser

Then, the best(or only) option might be backing up the entire config, editing the members with a text editor, and restoring the config file. Obviously it would reboot at that time.

ede_pfau

SuperUser

There's probably a non-printing character in the third string. Proceed as Toshi has posted. Do not encrypt the backup file or else it won't be cleartext you can edit.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded