fortiFWuser
Explorer III
April 6, 2022
Question

Read only admin account and certificates

  • April 6, 2022
  • 8 replies
  • 7378 views

Hello,

 

I have a 101F with 7.0.2 and I created an account with super_admin_readonly.

Should he be able to see the "Certificates" under system?

 

Thanks and regards, 

Konstantinos

8 replies

sharmaj
Staff
April 6, 2022

Hi Konstantinos

Yes, he should be able to see the certificates under the system, but cannot delete them.

fortiFWuser
Explorer III
April 6, 2022

Hmm.
OK, but the menu is not shown.

Also, I created a test account with the same profile and it was not shown either.

sharmaj
Staff
April 6, 2022

Hi

Just to confirm, are you using a customized super admin read-only profile?

 

Also, I hope for the general super admin users, the certificates are visible; if not, you need to enable feature visibility.

fortiFWuser
Explorer III
April 6, 2022

Hi Jay, 

 

I use the custom profile super_admin_readonly.

The other admin profiles (super admin) see the certs.

sharmaj
Staff
April 6, 2022

Hi

Try to use default super_admin_readonly and see if it behaves the same.

fortiFWuser
Explorer III
April 6, 2022

Sorry, I mistyped.

I use the default. But I made a custom one and it is the same. 

sharmaj
Staff
April 6, 2022

What is the firmware version used?

fortiFWuser
Explorer III
April 6, 2022

It is 7.0.2 build 0234.

sharmaj
Staff
April 6, 2022

What are the options the user can see, if not certificates under the system?

fortiFWuser
Explorer III
April 6, 2022

[Attached screenshot: fortiFWuser_0-1649247099532.png]

 

fortiFWuser
Explorer III
April 7, 2022

Any ideas why it is not shown?

sharmaj
Staff
April 7, 2022

Hi

I recommend you open a TAC ticket regarding this; it might be something, as the lab setup is working just fine.

xsilver_FTNT
Staff
April 26, 2022

Hi fortiFWuser,

If the GUI feature to show certificates is enabled, then even a read-only admin should at least see certificates and their section under the System menu.

Inability to see those when logged in as a read-only admin was internally discovered and is a known issue.