config user group
Configure user groups.
config user group
Description: Configure user groups.
edit <name>
set auth-concurrent-override [enable|disable]
set auth-concurrent-value {integer}
set authtimeout {integer}
set company [optional|mandatory|...]
set email [disable|enable]
set expire {integer}
set expire-type [immediately|first-successful-login]
set fabric-force-sync [enable|disable]
set fabric-object [enable|disable]
set fabric-object-source [member|local|...]
set group-type [firewall|fsso-service|...]
config guest
Description: Guest User.
edit <id>
set comment {var-string}
set company {string}
set email {string}
set expiration {user}
set mobile-phone {string}
set name {string}
set password {password}
set sponsor {string}
set user-id {string}
next
end
set http-digest-realm {string}
set id {integer}
config match
Description: Group matches.
edit <id>
set group-name {string}
set server-name {string}
next
end
set max-accounts {integer}
set member <name1>, <name2>, ...
set mobile-phone [disable|enable]
set multiple-guest-add [disable|enable]
set password [auto-generate|specify|...]
set scim-group-attr-type [display-name|external-id]
set scim-groups <name1>, <name2>, ...
set scim-user-attr-type [user-name|display-name|...]
set scim-users <name1>, <name2>, ...
set sms-custom-server {string}
set sms-server [fortiguard|custom]
set sponsor [optional|mandatory|...]
set sso-attribute-value {string}
set user-id [email|auto-generate|...]
set user-name [disable|enable]
set uuid {uuid}
next
end
config user group
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
auth-concurrent-override |
Enable/disable overriding the global number of concurrent authentication sessions for this user group. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
auth-concurrent-value |
Maximum number of concurrent authenticated connections per user (0 - 100). |
integer |
Minimum value: 0 Maximum value: 100 |
0 |
||||||||||||
|
authtimeout |
Authentication timeout in minutes for this user group. 0 to use the global user setting auth-timeout. |
integer |
Minimum value: 0 Maximum value: 43200 |
0 |
||||||||||||
|
company |
Set the action for the company guest user field. |
option |
- |
optional |
||||||||||||
|
|
|
|||||||||||||||
|
|
Enable/disable the guest user email address field. |
option |
- |
enable |
||||||||||||
|
|
|
|||||||||||||||
|
expire |
Time in seconds before guest user accounts expire (1 - 31536000). |
integer |
Minimum value: 1 Maximum value: 31536000 |
14400 |
||||||||||||
|
expire-type |
Determine when the expiration countdown begins. |
option |
- |
immediately |
||||||||||||
|
|
|
|||||||||||||||
|
fabric-force-sync * |
Enable/disable forced synchronization of configuration objects from the root FortiGate unit to the downstream devices. Configuration conflict check is skipped. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
fabric-object * |
Security Fabric global object setting. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
fabric-object-source * |
Source of truth for fabric object. |
option |
- |
root |
||||||||||||
|
|
|
|||||||||||||||
|
group-type |
Set the group to be for firewall authentication, FSSO, RSSO, SCIM, or guest users. |
option |
- |
firewall |
||||||||||||
|
|
|
|||||||||||||||
|
http-digest-realm |
Realm attribute for MD5-digest authentication. |
string |
Maximum length: 35 |
|
||||||||||||
|
id |
Group ID. Read-only. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||||||
|
max-accounts |
Maximum number of guest accounts that can be created for this group (0 means unlimited). |
integer |
Minimum value: 0 Maximum value: 1024 ** |
0 |
||||||||||||
|
member |
Names of users, peers, LDAP severs, RADIUS servers, SCIM client or external idp servers to add to the user group. Group member name. |
string |
Maximum length: 511 |
|
||||||||||||
|
mobile-phone |
Enable/disable the guest user mobile phone number field. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
multiple-guest-add |
Enable/disable addition of multiple guests. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
name |
Group name. |
string |
Maximum length: 35 |
|
||||||||||||
|
password |
Guest user password type. |
option |
- |
auto-generate |
||||||||||||
|
|
|
|||||||||||||||
|
scim-group-attr-type * |
Group attribute type used to match SCIM groups (default = display-name). |
option |
- |
display-name |
||||||||||||
|
|
|
|||||||||||||||
|
scim-groups |
Names of SCIM groups. Names of SCIM groups. |
string |
Maximum length: 79 |
|
||||||||||||
|
scim-user-attr-type * |
User attribute type used to match SCIM users (default = user-name). |
option |
- |
user-name |
||||||||||||
|
|
|
|||||||||||||||
|
scim-users |
Names of SCIM users. Names of SCIM users. |
string |
Maximum length: 79 |
|
||||||||||||
|
sms-custom-server |
SMS server. |
string |
Maximum length: 35 |
|
||||||||||||
|
sms-server |
Send SMS through FortiGuard or other external server. |
option |
- |
fortiguard |
||||||||||||
|
|
|
|||||||||||||||
|
sponsor |
Set the action for the sponsor guest user field. |
option |
- |
optional |
||||||||||||
|
|
|
|||||||||||||||
|
sso-attribute-value |
RADIUS attribute value. |
string |
Maximum length: 511 |
|
||||||||||||
|
user-id |
Guest user ID type. |
option |
- |
|
||||||||||||
|
|
|
|||||||||||||||
|
user-name |
Enable/disable the guest user name entry. |
option |
- |
disable |
||||||||||||
|
|
|
|||||||||||||||
|
uuid * |
Universally Unique Identifier (UUID; automatically assigned but can be manually reset). |
uuid |
Not Specified |
00000000-0000-0000-0000-000000000000 |
||||||||||||
* This parameter may not exist in some models.
** Values may differ between models.
config guest
|
Parameter |
Description |
Type |
Size |
Default |
|---|---|---|---|---|
|
comment |
Comment. |
var-string |
Maximum length: 255 |
|
|
company |
Set the action for the company guest user field. |
string |
Maximum length: 35 |
|
|
|
Email. |
string |
Maximum length: 64 |
|
|
expiration |
Expire time. |
user |
Not Specified |
|
|
id |
Guest ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
|
mobile-phone |
Mobile phone. |
string |
Maximum length: 35 |
|
|
name |
Guest name. |
string |
Maximum length: 64 |
|
|
password |
Guest password. |
password |
Not Specified |
|
|
sponsor |
Set the action for the sponsor guest user field. |
string |
Maximum length: 35 |
|
|
user-id |
Guest ID. |
string |
Maximum length: 64 |
|
config match
|
Parameter |
Description |
Type |
Size |
Default |
|---|---|---|---|---|
|
group-name |
Name of matching user or group on remote authentication server or SCIM. |
string |
Maximum length: 511 |
|
|
id |
ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
|
server-name |
Name of remote auth server. |
string |
Maximum length: 35 |
|