| Description | This article describes a behavior change, that prevents some administrative users from taking a backup of the device configuration when it was possible previously. |
| Scope | From FortiManager v7.4.3, v7.2.6, v7.0.13 and v6.4.15 |
| Solution |
Previously, any administrator could take a backup of the FortiManager configuration as long as their Admin Profile allowed Read-Write access to the System Settings (as below):
From FortiManager v7.4.3, v7.2.6, v7.0.13, and v6.4.15 this is no longer the case.
Only administrators who are part of the default 'Super_User' admin profile will be allowed to take a backup of the configuration. This applies to backups made via both the GUI and SSH. In the GUI, the backup option will not appear, whereas in an SSH session attempts to take a backup will result in a 'You have no permission!' response.
A user logging in via SSH will notice that the prompt shows the '$' symbol (rather than '#'), indicating that users do not have full system privileges.
This behavior can be changed on a per Admin Profile basis, the following can be used to grant the profile the same level of access as the "Super_User" profile.
config system admin profile end
Note: The above also applies to FortiAnalyzers from v7.4.3, v7.2.6, v7.0.13 and v6.4.15. |
