Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
anelis
New Contributor

Meaning of wildcard administrator

Hello folks,

 

A quick question that I thought was easy to figure out but I couldn't easily find an information about it:

 

What's the real meaning on the "wildcard" option in the Administrators Section on the FortiAnalyzer ?

 

Looking through the admin guide I couldn't find a definition nor a use case example. The only definition I found is in a FortiWeb product that says this:

Specifies whether the user-configured access profile in a remote authentication server overrides the access profile that is configured in FortiWeb. This field is available only when Type is Remote User.

 

Is this supposed to be used while defining a remote group (with a remote authentication server) and defines that each users that log in as a user but that aren't directly defined in the FortiAnalyzer will inherit the rights of that user ?

3 REPLIES 3
emnoc
Esteemed Contributor III

wildcard is that, a any  "user". The profile   set the  expectation that we  use a remote-auth services ( RADIUS TACACS ) and  authenticated the use such as and pull any over-ride if required.

 

Ken

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
chall_FTNT

See also this KB article: Remote Authentication using wildcard admin with Radius server

If there is no explicit match of the username against admin account, then wildcard is used & username/password are passed right through to the remote auth server.  Auth server will return the admin profile.

Chris Hall
Fortinet Technical Support
anelis

thanks for your replies, it's way clearer now.

Labels
Top Kudoed Authors