Hi,
I'm using an "admin-guest" that can only create guest account.
I can choose if username/password are auto-generated, that's working fine.
I'm missing a parameter : I would like to restrict expiration time (lock the parameter with the one I want)
for example admin-guest-1 can only create guest accounts with 4 hours validity after login (and this admin can't change this setting)
and admin-guest-2 can create guest account with 30 days validity after login (and this admin can't change this setting)
and so on...
Is there a way to achieve this ?
Thanks !
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Hello,
as this is not currently supported then the usual way is to open NFR (new feature request).
Check with your closest Fortinet sales representative.
Kind regards,
Tomas
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
You may create two different Guest Group with different option. Then user in different have different restrict, thanks.
Hello, thank you for you feedback
@jeff : there will be two different settings, but as it is not locked, guest admins can change that
I think it's a mistake because username & password settings are locked
I will go thru NFR process, I will post any info
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Ok, I was doing a last test while writing my NFR, there is another thing annoying : auto-generated login & password can be change after creation. Ok for password changing, not for username !
Here is my NFR send to my Fortinet sales representative :
-------------------------------------------------------------------------
I'm using an "admin-guest" that can only create guest account. I can choose if username/password are auto-generated, “admin-guest” can’t change it, settings are locked.
But it’s only when creating a new user… auto-generated login & password can be change after. Ok for password changing, not for username ! In order to enforce Internet Access Policy, I ask for :
1st] restrict expiration time (lock the parameter with the one I want on guest-group) for example Wifi-Guest-Daily is a guest-group with 8 hours validity after login and Wifi-Guest-Month is a guest-group with 30 days validity after login and so on...
2nd] those settings come with the one above :
ability to restrict (or not) an admin-guest from changing :
Username
Password
Expiration date
-------------------------------------------------------------------------
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.