Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mhdganji
Contributor

Minimum permissions for updating signatures

Hi,

 

I need to use someone to update signatures on Fortigate firewalls and not willing to give him super admin admin account. Is there any way to create an account with the minimum permissions just to be able to use execute restore ... command and update the firewall?

 

Regards,

 

 

2 Solutions
kcheng

Hi @mhdganji 

 

You may want to try with the following setting:

config sysgrp-permission
set upd read-write
set cfg read
set mnt read-write
end

 

Cheers,
Kayzie Cheng

View solution in original post

mhdganji

I'm using this except set admin ...

 

upd read/write

cfg read

mnt read/write

set scope global

 

This is the output

 

Get antivirus database from tftp server ok

command fail return code -85

 

Seems to be working but what is the -85 error code? Anyway to find the details about this error code and the results of the command?

 

View solution in original post

11 REPLIES 11
kcheng

Hi @mhdganji 

 

You may want to try with the following setting:

config sysgrp-permission
set upd read-write
set cfg read
set mnt read-write
end

 

Cheers,
Kayzie Cheng
Muhammad_Haiqal

Hi mhdganji,

That was a clear explaination. Please try solution provided by my colleague(kcheng), and let us know your finding.

 

:)

haiqal