Creating administrators
To create a new administrator account, you must be logged in to an account with sufficient privileges, or as a super user administrator.
You need the following information to create an account:
- Which authentication method the administrator will use to log in to the FortiAnalyzer unit. Local, remote, and Public Key Infrastructure (PKI) authentication methods are supported.
- What administrator profile the account will be assigned, or what system privileges the account requires.
- If ADOMs are enabled, which ADOMs the administrator will require access to.
- If using trusted hosts, the trusted host addresses and network masks.
For remote or PKI authentication, the authentication must be configured before you create the administrator. See Authentication for details.
To create a new administrator:
- Go to System Settings > Admin > Administrators.
- In the toolbar, click Create New to display the New Administrator pane.
- Configure the following settings, and then click OK to create the new administrator.
User Name
Enter the name the administrator will use to log in.
Avatar
Apply a custom image to the administrator.
Click Add Photo to select an image already loaded to the FortiAnalyzer, or to load a new image from the management computer.
If no image is selected, the avatar will use the first letter of the user name.
Comments
Optionally, enter a description of the administrator, such as their role, location, or the reason for their account.
Admin Type
Select the type of authentication the administrator will use when logging into the FortiAnalyzer unit. One of: LOCAL, RADIUS, LDAP, TACACS+, PKI, or Group. See Authentication for more information.
Server or Group
Select the RADIUS server, LDAP server, TACACS+ server, or group, as required.
The server must be configured prior to creating the new administrator.
This option is not available if the Admin Type is LOCAL or PKI.
Wildcard
Select this option to set the password as a wildcard.
This option is not available if the Admin Type is LOCAL or PKI.
Subject
Enter a comment for the PKI administrator.
This option is only available if the Admin Type is PKI.
CA
Select the CA certificate from the dropdown list.
This option is only available if the Admin Type is PKI.
Required two-factor authentication
Select to enable two-factor authentication.
This option is only available if the Admin Type is PKI.
New Password
Enter the password.
This option is not available if Wildcard is selected.
If the Admin Type is PKI, this option is only available when Require two-factor authentication is selected.
If the Admin Type is RADIUS, LDAP, or TACACS+, the password is only used when the remote server is unreachable.
Confirm Password
Enter the password again to confirm it.
This option is not available if Wildcard is selected.
If the Admin Type is PKI, this option is only available when Require two-factor authentication is selected.
Admin Profile
Select an administrator profile from the list. The profile selected determines the administrator’s access to the FortiAnalyzer unit’s features. See Administrator profiles.
Administrative Domain
Choose the ADOMs this administrator will be able to access.
- All ADOMs: The administrator can access all the ADOMs.
- All ADOMs except specified ones: The administrator cannot access the selected ADOMs.
- Specify: The administrator can access the selected ADOMs.
If the Admin Profile is Super_User, then this setting is All ADOMs.
This field is available only if ADOMs are enabled. See Administrative Domains.
Trusted Hosts
Optionally, turn on trusted hosts, then enter their IP addresses and netmasks. Up to ten IPv4 and ten IPv6 hosts can be added.
See Trusted hosts for more information.
Meta Fields
Optionally, enter the new administrator's email address and phone number.
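The field rules above can be checked before an account request reaches the GUI. The following Python sketch is an added example, not Fortinet code: it validates a planned administrator definition against the availability rules and the trusted host limit stated in the settings list. The dictionary key names, the server name, and the profile name "example-profile" are assumptions made for the example.

```python
import ipaddress

REMOTE = {"RADIUS", "LDAP", "TACACS+", "Group"}  # Admin Types that use Server or Group
ADMIN_TYPES = REMOTE | {"LOCAL", "PKI"}

def check_admin_request(req):
    """Return the problems found in a planned administrator definition (a dict)."""
    t = req.get("admin_type")
    if t not in ADMIN_TYPES:
        return [f"unknown Admin Type: {t!r}"]
    problems = []
    # Server or Group and Wildcard are offered only for remote Admin Types.
    if t in REMOTE and not req.get("server_or_group"):
        problems.append("Server or Group must be selected")
    if t not in REMOTE and (req.get("server_or_group") or req.get("wildcard")):
        problems.append(f"Server or Group / Wildcard not available for {t}")
    # Subject, CA and two-factor are offered only for PKI.
    pki_only = [k for k in ("subject", "ca", "two_factor") if req.get(k)]
    if t != "PKI" and pki_only:
        problems.append(f"PKI-only fields set: {pki_only}")
    # Password: never with Wildcard; for PKI only with two-factor selected.
    if req.get("password"):
        if req.get("wildcard"):
            problems.append("password not available when Wildcard is selected")
        if t == "PKI" and not req.get("two_factor"):
            problems.append("PKI password needs two-factor authentication selected")
    if req.get("profile") == "Super_User" and req.get("adom_scope", "All ADOMs") != "All ADOMs":
        problems.append("Super_User always has All ADOMs")
    # Trusted hosts: address plus netmask, at most ten per IP version.
    counts = {4: 0, 6: 0}
    for entry in req.get("trusted_hosts", []):
        try:
            counts[ipaddress.ip_network(entry, strict=False).version] += 1
        except ValueError:
            problems.append(f"bad trusted host: {entry!r}")
    problems += [f"{n} IPv{v} trusted hosts (limit is ten)" for v, n in counts.items() if n > 10]
    return problems

# Constructed sample requests; key names, server and profile names are hypothetical.
GOOD = {"admin_type": "LDAP", "server_or_group": "ldap-example", "password": "fallback-pw",
        "profile": "example-profile", "adom_scope": "Specify",
        "trusted_hosts": ["192.0.2.10/255.255.255.255", "2001:db8::10/128"]}
BAD = {"admin_type": "PKI", "wildcard": True, "password": "pw", "profile": "Super_User",
       "adom_scope": "Specify",
       "trusted_hosts": ["not-an-ip"] + [f"2001:db8::{i:x}/128" for i in range(1, 12)]}

if __name__ == "__main__":
    for name, req in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_admin_request(req) or "ok")
```

The check only mirrors the rules listed on this page; the FortiAnalyzer unit remains the authority on what a given firmware version accepts.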