Thanks for your reply, emnoc.

Actually, I am looking for a CLI command to upload Script file on Fortigate 30 E  and execute it.

I can achieve this in GUI mode (System > Advanced > "upload and run script"). But I didn’t find any option to perform the same action in CLI…

Interesting too. Have anyone an example? I've uploaded my scripts, but no place, no cmd that i can execute this. 

And here the solution: https://deepdoc.at/dokuwi..._ueber_ein_desktopicon

There are a number of libraries that allow you to mimic commands that you would enter through SSH.

Attached is a python program that uses Paramiko (a library that lets you SSH to a host and execute commands). There are other libraries like "Expect" but "Paramiko" has come into favour with programmers and automators.

We use it extensively to automate tasks from a centralized location (e.g. crontabs, Jenkins etc).

Works well with Python 2.7 but can be upgraded to Python 3.x. Note: You will need to pip install the paramiko libraries for this to work.

The script does the following but you can have it do whatever you want. You could even use this script to upload a script to "config system auto-script" by sending the appropriate commands:

% ssh admin@192.168.1.99
fortigate # config vdom
fortigate (vdom) # edit DMZ
fortigate (DMZ) # config user local
fortigate (local) # edit bill
new entry 'bill' added
fortigate (bill) # set type radius
fortigate (bill) # set radius-server MFA
fortigate (bill) # next
fortigate (local) # edit ted
new entry 'ted' added
fortigate (ted) # set type radius
fortigate (ted) # set radius-server MFA
fortigate (ted) # next
fortigate (local) # end
fortigate # exit

Script:

#!/usr/bin/python2.7

# - Connect to a Fortigate using paramiko/SSH, connects into a specific VDOM, add two users from a list and exit

import paramiko
import time

sleepyTime = 0.5
receiveTime = 20000
fortigateHostname = '192.168.1.99'
fortigateUserName = 'admin'
fortigatePassword = 'XXXXXXXXXXXXX'

verbose = True

def doCommand(remote_conn,command):
    remote_conn.send(command + "\n")
    output = remote_conn.recv(receiveTime)
    if verbose:
        print(output)
    time.sleep(sleepyTime)

def connectToVDOM(remote_conn):
    try:
        remote_conn = remote_conn.invoke_shell()
        doCommand(remote_conn,"config vdom")
        doCommand(remote_conn,"edit DMZ")
    except KeyError as e:
        print(e)
    return(remote_conn)

def usersToAdd(userList, remote_conn):
    try:
        doCommand(remote_conn,"config user local")
        for user in userList:
            doCommand(remote_conn,"edit "+user)
            doCommand(remote_conn,"set type radius")
            doCommand(remote_conn,"set radius-server MFA")
            doCommand(remote_conn,"next")
        doCommand(remote_conn,"end")
    except KeyError as e:
        print(e)

def disconnectFromFG(remote_conn):
    try:
        doCommand(remote_conn,"exit")
    except KeyError as e:
        print(e)

# Connect to the Fortigate using using the paramiko and SSH
try:
    remote_init_conn = paramiko.SSHClient()
    remote_init_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    remote_init_conn.connect(fortigateHostname, username=fortigateUserName, password=fortigatePassword, look_for_keys=False, allow_agent=False)
except (paramiko.ssh_exception.AuthenticationException, paramiko.ssh_exception.SSHException) as ex:
    print("[-] %s:%s - %s" % (fghost, fgport, ex))
except paramiko.ssh_exception.NoValidConnectionsError:
    print("[-] %s:%s - %s" % (fghost, fgport, ex))

# User list to add
users = ["bill", "ted"]
# Connect to the VDOM
remote_conn = connectToVDOM(remote_init_conn)
# Add some local users
usersToAdd(users, remote_conn)
# Logout
disconnectFromFG(remote_conn)