Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
paulinster
New Contributor III

Specific device permission access within a different adom

Hi,

Is it possible to grant specific access to a device to and Administrator ?

Here's the situation I would like to be table to grand an admin full access to ADOMB. However in the function he require to do, he need to have access to a device within ADOMA. I don't want to grant that admin full access to the device in ADOMA, he should be able to only manage VPNs on device within ADOMA, but should have full access to devices on ADOMB.

 

Is this something possible?

1 REPLY 1
subramanis
Staff
Staff

Hello paulinster,

Yes, It's possible using custom admin profile or prof_admin.

Example:

user1--ADOMB ---> use super_admin profile full access

user2--ADOMA ---> use custom admin profile and provide read/write access to only VPN

 

Please check the below documents.

https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/938921/creating-per-vdom-administrators

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Prof-Admin-admin-profile-will-not-be-able-...

 

Thanks