Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Andre_Backs
New Contributor

restricted admin access question

Hello all.

Happy New Year and all the best wishes for 2015.

 

I have a question about restricting admin access to the Fortigate.

I run a Fortigate 200D version 5.0 patch 7 and need to set up an admin profile so that our servicedesk people have readonly access to the system and in addition they are allowed to modify the SSID password in the WiFi & Switch controller section.

Initially I thought that an Admin Profile with Read-Write access to "WiFi Controller" would do the trick but I found out that it doesn't. Is this something I can set in CLI perhaps ?

 

Thanks for helping,

André

ABB@ProBiblio Fortigate 200D (slave master)

ABB@ProBiblio Fortigate 200D (slave master)
1 REPLY 1
Dave_Hall
Honored Contributor

Andre Backs wrote:

Initially I thought that an Admin Profile with Read-Write access to "WiFi Controller" would do the trick but I found out that it doesn't. Is this something I can set in CLI perhaps ?

Never had the need to do that, but I usually I just reset the password from the CLI, like so:

config wireless-controller vap
    edit "wifi"
        set passphrase password
    next
end

Try again with that read-only admin profile you have created and see if it works.  Make sure you give your help desk access to the CLI.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Labels
Top Kudoed Authors