Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nalexiou
Staff
Staff

Created on ‎10-09-2019 01:35 AM Edited on ‎04-07-2022 11:54 AM By Anonymous

Article Id 197180

Technical Tip: Prof admin VDOM administrator unable to login in read-write mode on a FortiGate device managed by FortiManager

Description
This article describe the behavior for Prof admin administrators when the FortiGate is managed from FortiManager

Solution
When a FortiGate is managed from FortiManager, the Prof admin VDOM administrators do not have the read-write mode when they are accessing GUI, even if they have read-write permissions.
Only the read-only option is available.
Only Global scope administrators have read-write permissions when accessing GUI.

This behavior is, by design, in order to prevent accidental out of sync issues.
This restriction applies only for GUI access, in CLI the Prof admin administrators will have read-write access depending on how permissions are configured in their profile.
A way to overwrite this behavior is to change the cental-management mode to backup:

#config system central-management
set mode backup
end
After this change the Prof admin administrators will have read-write access in GUI depending on how the permissions are configured.

Note: In backup mode, all the changes should be performed directly to FortiGate and FortiManager and will be used to backup the configurations.




4458
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.