I am trying to run cli to create admin accounts on fortigates: cd c:\Program Files\PuTTY plink.exe -l username -pw password fgt_ipaddress C:\pat_to_command.txt pause and then in command.txt: config system admin edit test set accprofile "super_admin" set password test end I keep getting the "unknow action 0" which according to fgt doc: "If you do not enter a known command, the CLI will return an error message such as: Unknown action 0" Would appreciate lil help on understanding what is going wrong here.
From the debug output I'd say you (= your account) is not allowed to create a super-user admin.
And, only a minor flaw: you close the "edit testadmin" config with "next", then "end". "next" is missing.
ede_pfau wrote:From the debug output I'd say you (= your account) is not allowed to create a super-user admin.
And, only a minor flaw: you close the "edit testadmin" config with "next", then "end". "next" is missing.
I can create a admin with the same account when i login through the gui, its an super_admin account. I showed this to FGT chat and the guy simply said, bulk upload might or might not work so this needs to be troubleshooted further and i should open a ticket.
Thanks and Regards.
You've got a typo in your command file: it should read
set accprofile super_adminnot
set acc_profile(this will earn me another beer :)
ede_pfau wrote:You've got a typo in your command file: it should read
set accprofile super_adminnotset acc_profile(this will earn me another beer :)
HAHA jesus i swear i've done it with acc_profile!!
I tried this on another device and the bulk upload worked:
IINFRALAB # diagnose debug cli 3
IINFRALAB # diagnose debug reset
IINFRALAB #
IINFRALAB # diagnose debug enable
IINFRALAB # diagnose debug cli 8
IINFRALAB # 0: config system admin
0: edit testadmin
0: set password testsnaadmin#
0: set accprofile super_admin
0: endopen file 14 to write config
open file 14 to write config
write config file success, prepare to save in flash
zip config file /data/./config/sys_global.conf.gz success!
but when i do it with using plink and ssh like im trying it's go some issue with the very first config line itself:
as seen in the cmd window
C:\Users\net\Google Drive\batch>cd c:\Program Files\PuTTY
c:\Program Files\PuTTY>plink -ssh 192.168.2.1 -l admin -pw admin321 -m C:\Users\
net\Google Drive\batch\createiinfra.txt
IINFRALAB # Unknown action 0
IINFRALAB # IINFRALAB # Unknown action 0
IINFRALAB # IINFRALAB # Unknown action 0
IINFRALAB # IINFRALAB # Unknown action 0
IINFRALAB # IINFRALAB # Unknown action 0
IINFRALAB #
c:\Program Files\PuTTY>pause
Press any key to continue . . .
If you do not enter a known command, the CLI will return an error message such as:
Unknown action 0
PS: man i'll buy you 2 beers. .
Got this finally.
Just had to embrace the path to the txt containing the code in "" ..without them the path was being passed to the FGT.
As below
cd c:\Program Files\PuTTY
plink -ssh fgtipaddress -l user -pw password -m "C:\path to\command.txt"
pause
cheers
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.