This article describes how to configure a new administrator account on managed switch using custom-command.

The FortiSwitch has a default 'admin' account. You can add an additional administrator accounts as per the requirement.

Helpful Links:
Page#41 adding admin accounts, standalone FortiSwitch https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/1f363a36-ba24-11ea-8b7d-005056...
Page#133 custom commands, managed FortiSwitch https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2f7d95c8-7367-11ea-9384-005056...

By default, managed FortiSwitch has a default ‘admin’ account.
# show system admin
    # config system admin
edit "admin"
set accprofile "super_admin"
set password ENC AK1D81TRKaQlvte2V1ggzzyD7glETgGBlzaCFZw=
Execute a custom script on a managed FortiSwitch unit from the FortiGate.
The custom script contains generic FortiSwitch commands.

In below example, custom command will be used on FortiGate to add a new administrator account on managed-switch.

1) Create below custom command:
# config switch-controller custom-command
(custom-command) edit <command-name> 
new entry 'command-name' added
(command-name) set command "config system admin %0a edit <username> %0a set accprofile super_admin %0a set password <password> %0a next %0a end %0a"
(command-name) next
(custom-command) end
2) Push the commands to the FortiSwitches: (the serial number is the FortiSwitch(s) serial number).
# config switch-controller managed-switch
(managed-switch) edit S124EF591------9
(S124EF591------9) config custom-command
(custom-command) # edit 1
new entry '1' added
(2) set command-name <command-name>
(2) next
(custom-command) end
To verify if the change is pushed to the FortiSwitch:
SSH into the FortiSwitch from FortiGate(# execute ssh admin@<switch-ip>)
# show system admin
In the ‘set command’, “%0a” denotes a new line or return action.