Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SigniVain
New Contributor

Only "Super_User" profile has access to reports?

FAZ VM64 (VMware), version 6.0.2.

 

Only the built-in "Super_User" administrator profile group has access to reports.  If I clone that group, or if I create a new one, and confirm that all profile options are set to "read/write", users of that new profile cannot see or create any reports.  Is this normal?  I am not using multiple ADOMs; just the root.

 

I want to create a separate user profile to only allow those users to log in and see/create/run reports.  It's almost like the file system has "Super_User" as the only group set with the correct file/folder permissions, and any new "profile" created within the GUI fails to initiate the "chmod" command, or something.  Even the built-in "Standard_User" profile, unchanged, doesn't work (same issues).

 

Any help would be greatly appreciated.

2 Solutions
chall_FTNT
Staff
Staff

You user account isn't a wildcard user account by any chance is it?

Chris Hall
Fortinet Technical Support

View solution in original post

hzhao_FTNT

Hi there, 

 

How many wildcard users do you have? FAZ 6.0.2 can only support one wildcard user. 

Please also check ldap server name, if there is a space, please remove it.

 

Regards,

hz

View solution in original post

5 REPLIES 5
chall_FTNT
Staff
Staff

You user account isn't a wildcard user account by any chance is it?

Chris Hall
Fortinet Technical Support
SigniVain

They are wildcard, as a matter of fact.  The “super user” admins is a wildcard user which uses a group of LDAP servers.  The test “report” user is also a wildcard user, but only one LDAP server.  I’ll get rid of the incongruity on Monday, and also try non-wildcard users, and report back.  Thank you!

hzhao_FTNT

Hi there, 

 

How many wildcard users do you have? FAZ 6.0.2 can only support one wildcard user. 

Please also check ldap server name, if there is a space, please remove it.

 

Regards,

hz

chall_FTNT

SigniVain,

I asked about wildcard account because the error about "ADOM permission" has sometimes cropped up in association with that type of account.  But I`m not sure that any of the known issues are an exact match.

 

I'd explore it further with a support ticket.

Chris Hall
Fortinet Technical Support
SigniVain

Thank you!  Wildcard account was the ticket.  Each reports-only user (non-wildcard), using LDAP server group, can now log in and has access to all reports/templates.

Labels
Top Kudoed Authors