Meaning of wildcard administrator

anelis · ‎03-12-2018

Hello folks,

A quick question that I thought was easy to figure out but I couldn't easily find an information about it:

What's the real meaning on the "wildcard" option in the Administrators Section on the FortiAnalyzer ?

Looking through the admin guide I couldn't find a definition nor a use case example. The only definition I found is in a FortiWeb product that says this:

Specifies whether the user-configured access profile in a remote authentication server overrides the access profile that is configured in FortiWeb. This field is available only when Type is Remote User.

Is this supposed to be used while defining a remote group (with a remote authentication server) and defines that each users that log in as a user but that aren't directly defined in the FortiAnalyzer will inherit the rights of that user ?

emnoc · ‎03-12-2018

wildcard is that, a any "user". The profile set the expectation that we use a remote-auth services ( RADIUS TACACS ) and authenticated the use such as and pull any over-ride if required.

Ken

PCNSE

NSE

StrongSwan

chall_FTNT · ‎03-12-2018

See also this KB article: Remote Authentication using wildcard admin with Radius server

If there is no explicit match of the username against admin account, then wildcard is used & username/password are passed right through to the remote auth server. Auth server will return the admin profile.

Chris Hall
Fortinet Technical Support

anelis · ‎03-13-2018

thanks for your replies, it's way clearer now.

Meaning of wildcard administrator

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website