config user group
Description: Configure user groups.
edit <name>
set id {integer}
set group-type [firewall|fsso-service|...]
set authtimeout {integer}
set auth-concurrent-override [enable|disable]
set auth-concurrent-value {integer}
set http-digest-realm {string}
set sso-attribute-value {string}
set member <name1>, <name2>, ...
config match
Description: Group matches.
edit <id>
set server-name {string}
set group-name {string}
next
end
set user-id [email|auto-generate|...]
set password [auto-generate|specify|...]
set user-name [disable|enable]
set sponsor [optional|mandatory|...]
set company [optional|mandatory|...]
set email [disable|enable]
set mobile-phone [disable|enable]
set sms-server [fortiguard|custom]
set sms-custom-server {string}
set expire-type [immediately|first-successful-login]
set expire {integer}
set max-accounts {integer}
set multiple-guest-add [disable|enable]
config guest
Description: Guest User.
edit <user-id>
set name {string}
set password {password}
set mobile-phone {string}
set sponsor {string}
set company {string}
set email {string}
set expiration {user}
set comment {var-string}
next
end
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
id | Group ID. | integer | Minimum value: 0 Maximum value: 4294967295 |
group-type | Set the group to be for firewall authentication, FSSO, RSSO, or guest users. firewall: Firewall. fsso-service: Fortinet Single Sign-On Service. rsso: RADIUS based Single Sign-On Service. guest: Guest. |
option | - |
authtimeout | Authentication timeout in minutes for this user group. 0 to use the global user setting auth-timeout. | integer | Minimum value: 0 Maximum value: 43200 |
auth-concurrent-override | Enable/disable overriding the global number of concurrent authentication sessions for this user group. enable: Enable auth-concurrent-override. disable: Disable auth-concurrent-override. |
option | - |
auth-concurrent-value | Maximum number of concurrent authenticated connections per user (0 - 100). | integer | Minimum value: 0 Maximum value: 100 |
http-digest-realm | Realm attribute for MD5-digest authentication. | string | Maximum length: 35 |
sso-attribute-value | Name of the RADIUS user group that this local user group represents. | string | Maximum length: 511 |
member <name> |
Names of users, peers, LDAP severs, or RADIUS servers to add to the user group. Group member name. |
string | Maximum length: 511 |
user-id | Guest user ID type. email: Email address. auto-generate: Automatically generate. specify: Specify. |
option | - |
password | Guest user password type. auto-generate: Automatically generate. specify: Specify. disable: Disable. |
option | - |
user-name | Enable/disable the guest user name entry. disable: Enable setting. enable: Disable setting. |
option | - |
sponsor | Set the action for the sponsor guest user field. optional: Optional. mandatory: Mandatory. disabled: Disabled. |
option | - |
company | Set the action for the company guest user field. optional: Optional. mandatory: Mandatory. disabled: Disabled. |
option | - |
Enable/disable the guest user email address field. disable: Enable setting. enable: Disable setting. |
option | - | |
mobile-phone | Enable/disable the guest user mobile phone number field. disable: Enable setting. enable: Disable setting. |
option | - |
sms-server | Send SMS through FortiGuard or other external server. fortiguard: Send SMS by FortiGuard. custom: Send SMS by custom server. |
option | - |
sms-custom-server | SMS server. | string | Maximum length: 35 |
expire-type | Determine when the expiration countdown begins. immediately: Immediately. first-successful-login: First successful login. |
option | - |
expire | Time in seconds before guest user accounts expire. (1 - 31536000 sec) | integer | Minimum value: 1 Maximum value: 31536000 |
max-accounts | Maximum number of guest accounts that can be created for this group (0 means unlimited). | integer | Minimum value: 0 Maximum value: 500 |
multiple-guest-add | Enable/disable addition of multiple guests. disable: Enable setting. enable: Disable setting. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
server-name | Name of remote auth server. | string | Maximum length: 35 |
group-name | Name of matching user or group on remote authentication server. | string | Maximum length: 511 |
Parameter Name | Description | Type | Size |
---|---|---|---|
name | Guest name. | string | Maximum length: 64 |
password | Guest password. | password | Not Specified |
mobile-phone | Mobile phone. | string | Maximum length: 35 |
sponsor | Set the action for the sponsor guest user field. | string | Maximum length: 35 |
company | Set the action for the company guest user field. | string | Maximum length: 35 |
Email. | string | Maximum length: 64 | |
expiration | Expire time. | user | Not Specified |
comment | Comment. | var-string | Maximum length: 255 |
config user group
Description: Configure user groups.
edit <name>
set id {integer}
set group-type [firewall|fsso-service|...]
set authtimeout {integer}
set auth-concurrent-override [enable|disable]
set auth-concurrent-value {integer}
set http-digest-realm {string}
set sso-attribute-value {string}
set member <name1>, <name2>, ...
config match
Description: Group matches.
edit <id>
set server-name {string}
set group-name {string}
next
end
set user-id [email|auto-generate|...]
set password [auto-generate|specify|...]
set user-name [disable|enable]
set sponsor [optional|mandatory|...]
set company [optional|mandatory|...]
set email [disable|enable]
set mobile-phone [disable|enable]
set sms-server [fortiguard|custom]
set sms-custom-server {string}
set expire-type [immediately|first-successful-login]
set expire {integer}
set max-accounts {integer}
set multiple-guest-add [disable|enable]
config guest
Description: Guest User.
edit <user-id>
set name {string}
set password {password}
set mobile-phone {string}
set sponsor {string}
set company {string}
set email {string}
set expiration {user}
set comment {var-string}
next
end
next
end
Parameter Name | Description | Type | Size |
---|---|---|---|
id | Group ID. | integer | Minimum value: 0 Maximum value: 4294967295 |
group-type | Set the group to be for firewall authentication, FSSO, RSSO, or guest users. firewall: Firewall. fsso-service: Fortinet Single Sign-On Service. rsso: RADIUS based Single Sign-On Service. guest: Guest. |
option | - |
authtimeout | Authentication timeout in minutes for this user group. 0 to use the global user setting auth-timeout. | integer | Minimum value: 0 Maximum value: 43200 |
auth-concurrent-override | Enable/disable overriding the global number of concurrent authentication sessions for this user group. enable: Enable auth-concurrent-override. disable: Disable auth-concurrent-override. |
option | - |
auth-concurrent-value | Maximum number of concurrent authenticated connections per user (0 - 100). | integer | Minimum value: 0 Maximum value: 100 |
http-digest-realm | Realm attribute for MD5-digest authentication. | string | Maximum length: 35 |
sso-attribute-value | Name of the RADIUS user group that this local user group represents. | string | Maximum length: 511 |
member <name> |
Names of users, peers, LDAP severs, or RADIUS servers to add to the user group. Group member name. |
string | Maximum length: 511 |
user-id | Guest user ID type. email: Email address. auto-generate: Automatically generate. specify: Specify. |
option | - |
password | Guest user password type. auto-generate: Automatically generate. specify: Specify. disable: Disable. |
option | - |
user-name | Enable/disable the guest user name entry. disable: Enable setting. enable: Disable setting. |
option | - |
sponsor | Set the action for the sponsor guest user field. optional: Optional. mandatory: Mandatory. disabled: Disabled. |
option | - |
company | Set the action for the company guest user field. optional: Optional. mandatory: Mandatory. disabled: Disabled. |
option | - |
Enable/disable the guest user email address field. disable: Enable setting. enable: Disable setting. |
option | - | |
mobile-phone | Enable/disable the guest user mobile phone number field. disable: Enable setting. enable: Disable setting. |
option | - |
sms-server | Send SMS through FortiGuard or other external server. fortiguard: Send SMS by FortiGuard. custom: Send SMS by custom server. |
option | - |
sms-custom-server | SMS server. | string | Maximum length: 35 |
expire-type | Determine when the expiration countdown begins. immediately: Immediately. first-successful-login: First successful login. |
option | - |
expire | Time in seconds before guest user accounts expire. (1 - 31536000 sec) | integer | Minimum value: 1 Maximum value: 31536000 |
max-accounts | Maximum number of guest accounts that can be created for this group (0 means unlimited). | integer | Minimum value: 0 Maximum value: 500 |
multiple-guest-add | Enable/disable addition of multiple guests. disable: Enable setting. enable: Disable setting. |
option | - |
Parameter Name | Description | Type | Size |
---|---|---|---|
server-name | Name of remote auth server. | string | Maximum length: 35 |
group-name | Name of matching user or group on remote authentication server. | string | Maximum length: 511 |
Parameter Name | Description | Type | Size |
---|---|---|---|
name | Guest name. | string | Maximum length: 64 |
password | Guest password. | password | Not Specified |
mobile-phone | Mobile phone. | string | Maximum length: 35 |
sponsor | Set the action for the sponsor guest user field. | string | Maximum length: 35 |
company | Set the action for the company guest user field. | string | Maximum length: 35 |
Email. | string | Maximum length: 64 | |
expiration | Expire time. | user | Not Specified |
comment | Comment. | var-string | Maximum length: 255 |