Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AK-khan
Visitor

cannot enable diagnostic cli

Hi,

I am trying to enable diagnostic cli. when i enable "permit usage of cli diagnostic commands" and click ok it automatically gets disabled upon revisiting this setting. the membership of the account from which this is done has Read write access to all. What could be the reason ? how to enable it ?

regards

 

2 REPLIES 2
funkylicious
SuperUser
SuperUser

Hi,

If I'm not mistaken, only a super_admin account profile can change the settings of the admin profiles.

And this applies from 7.4.2 , https://docs.fortinet.com/document/fortigate/7.4.4/fortios-release-notes/641069/cli-system-permissio...

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Granting-read-only-admins-with-diagnose-co...

---------------------------
geek
---------------------------
---------------------------geek---------------------------
AK-khan

there is no user named super_admin.

there are few users all are members of "Network Administrator" group and that gorup has all access. 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors