Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
funkylicious
SuperUser
SuperUser

FortiGate RBAC - users

Hello,

 

I would like to restrict access to certain users which are assigned a custom profile, access to the configuration of all Traffic Shaper / Traffic Shaping Policy / Profile options/config and was wondering if it can be achieved somehow.

The restrictions would need to be for both CLI / GUI and what I've tried is :

- put System > Configuration to Read on the profile, but that would only disable Feature Visibility from the GUI for them, but they would still work from CLI

- put Firewall > Others to Read, this would achieve want I want but would disable access to IP Pools / Protocol options.


Any help would be appreciated.

 

L.E. Running FortiOS 6.4.10

"jack of all trades, master of none"
"jack of all trades, master of none"
1 Solution
Anthony_E
Community Manager
Community Manager

Hello,

 

I have asked one of our FortiGate experts and for him, it would not be possible.

He would need to lab it to be sure.

 

I hope this answer will help.

 

Regards,

 

 

Anthony-Fortinet Community Team.

View solution in original post

4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Hello,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Regards,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello,

 

I have asked one of our FortiGate experts and for him, it would not be possible.

He would need to lab it to be sure.

 

I hope this answer will help.

 

Regards,

 

 

Anthony-Fortinet Community Team.
funkylicious

Hi,
Just as I imagined.

It would be nice if future releases would provide more granular access / to what features/commands a user can use and what can be configured under the profiles assign to it.


Paul

"jack of all trades, master of none"
"jack of all trades, master of none"
Anthony_E
Community Manager
Community Manager

Hello Paul,

 

I will suggest it.

 

Regards,

Anthony-Fortinet Community Team.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors