FortiGate
jstan
Staff
Article Id 223742
Description

This article describes how to grant read-only admins access to diagnose commands so that they can perform basic diagnostics.

Scope

FortiOS 6.4.0 or above.

Solution

- Prior to FortiOS 6.4.0, read-only admins did not have any rights to run diagnostic commands such as # diag sniffer and # diag debug.

- In FortiOS 6.4.0, a new CLI option, system-diagnostics, has been introduced in the admin access profile:

# config system accprofile
    edit read-only
        set system-diagnostics enable
end

# config system admin
    edit readonly
        set accprofile read-only
        set vdom root
        set password xxxx
end

- Read-only admins with system-diagnostics set to disable:

FortiCarrier-3200D $
get         <----- Get dynamic and system information.
show        <----- Show configuration.
execute     <----- Execute static commands.
alias       <----- Execute alias commands.
exit        <----- Exit the CLI.

- Read-only admins with system-diagnostics set to enable:

FortiCarrier-3200D $
get         <----- Get dynamic and system information.
show        <----- Show configuration.
diagnose    <----- Diagnose facility.  <-- The diagnose command is available to the read-only admin.
execute     <----- Execute static commands.
alias       <----- Execute alias commands.
exit        <----- Exit the CLI.
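
To review which accounts end up with diagnose access after this change, the following added example (not Fortinet code) parses a saved configuration and reports each admin's access profile together with that profile's explicit system-diagnostics value. The sample configuration is constructed, the function names are hypothetical, values are assumed to be single-line, and "unset" means the file carries no explicit line for that profile (for example a built-in profile such as super_admin).

```python
# Constructed sample in FortiOS "show" syntax; not taken from a real device.
SAMPLE = """\
config system accprofile
    edit "read-only"
        config sysgrp-permission
            set admin read
        end
        set system-diagnostics enable
    next
    edit "noc-view"
        set system-diagnostics disable
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
    edit "readonly"
        set accprofile "read-only"
    next
    edit "noc1"
        set accprofile "noc-view"
    next
end
"""

def parse_table(text, table):
    """Return {entry: {option: value}} for each 'config <table>' block."""
    entries, stack, cur = {}, [], None
    for tok in filter(None, map(str.split, text.splitlines())):
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            cur = None if stack.pop() == table else cur  # nested block: keep entry
        elif stack[-1:] == [table] and tok[0] == "edit":
            cur = entries.setdefault(" ".join(tok[1:]).strip('"'), {})
        elif stack[-1:] == [table] and cur is not None and tok[0] == "set" and len(tok) > 2:
            cur[tok[1]] = " ".join(tok[2:]).strip('"')
    return entries

def diagnostics_report(text):
    """Map admin -> (profile, explicit system-diagnostics value or 'unset')."""
    profiles = parse_table(text, "system accprofile")
    report = {}
    for admin, cfg in parse_table(text, "system admin").items():
        prof = cfg.get("accprofile", "")
        report[admin] = (prof, profiles.get(prof, {}).get("system-diagnostics", "unset"))
    return report

print(diagnostics_report(SAMPLE))
```

Any admin reported with "enable" can run diagnose commands such as the sniffer and debug facilities, so that list is the one to compare against the accounts that are meant to have them.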
