Technical Tip: Bare minimum admin permission to se...

FortiClient

FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.

Article Id 420066

Description

This article describes how to configure the bare minimum admin permission to send the Invitation Code email in FortiClient EMS.

Scope

FortiClient EMS v7.2 and v7.4.

Solution

The goal is to create an admin role that can send an Invitation Code email while restricting all other operational functions in FortiClient EMS.

Clone the default 'Restricted Administrator' role, tick 'View User Configuration ' -> Save.

The user who got assigned to this role will be able to see the 'Send' Invitation Code button.

However, there will be a 'Permission Denied' pop-up message, and FortiClient EMS will log out users.

Solution:

Edit the admin role with below permissions:
Manage Invitations + View User Configurations + Manage alert settings + View alert settings.
Assign the role to the admin user.
The admin user logs into FortiClient EMS, attempts to send the Invitation Code email.
It is now possible to send the Invitation Code email without getting the 'Permission Denied' pop-up message.
In cases where the pop-up message still appears, simply select 'Cancel'.
The page will not refresh, and the Invitation Code email will still be sent.

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Technical Tip: Bare minimum admin permission to send Invitation Code email

You are leaving our website