Modify a user | FortiNAC 9.4.0 | Fortinet Document Library

Modify a user

Users can be modified, enabled, disabled or deleted in this view. Once a change is made, the Manager communicates with the associated local FortiNAC server in the Servers column to update the record.

Locate a user

Select Users & Hosts > User Accounts.
Use the search or filter mechanisms to locate the appropriate user.

Click on the user to select it, then perform the desired action (see below).

Enable or disable a user

Click the Enable or Disable button.

Delete a user

Click the Delete button.

Modify a user

1. Click Modify.

2. See the table below for detailed information on each field.

3. Click OK to save.

Field	Definitions
Required fields
User ID
Change Password	Allows you to change the password for this user. Users who authenticate through the directory will not have a Change Password button. Only users who are locally authenticated by FortiNAC Manager have a change password option.
First Name Last Name	User's name as it is retrieved from the directory. If you are using a directory, these fields are updated every time the directory is re-synchronized with the database. If you are not using a directory, enter the user's first and last name.
Role	Roles are attributes of users and can be used as filters in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied.
Additional info
Address	User's address of residence.
City	User's city of residence.
State	Two letter abbreviation for state of residence.
Zip/Postal Code	Postal code for the user's city and state of residence.
Email	User's email address. For multiple e-mail addresses, enter addresses separated by commas or semi-colons. Messages are sent to all e-mail addresses provided.
Title	This can be a form of address, such a as Mr., or a title within the organization.
Mobile Number	Mobile Phone number used for sending SMS messages to guests and administrators.
Mobile Provider	Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to guests and administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@emai.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.
Allowed Hosts	The number of hosts that can be associated with or registered to this user and connect to the network. There are two ways to reach this total. If the host is scanned by an agent or if adapters have been manually associated with hosts, then a single host with up to five adapters counts as one host. If the host is not scanned by an agent or if the adapters have not been associated with specific hosts, then each adapter is counted individually as a host. In this scenario one host with two network adapters would be counted as two hosts. Numbers entered in this field override the default setting in System > Settings > Network Device. Blank indicates that the default is used. See Network device. If an administrator exceeds the number of hosts when registering a host to a user, a warning message is displayed indicating that the number of Allowed Hosts has been incremented and the additional hosts are registered to the user.
Global Default	Default number of Allowed Hosts used if the Allowed Hosts field is empty. The default is set in System > Settings > User/Host Management > Allowed Hosts.
Notes	Free form notes entered by the Administrator.
Security and Access Attribute Value	This value is an attribute of users and can be used as a filter in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied. If a directory is in use, the Security and Access Attribute value comes from the directory when it is synchronized with the database. Otherwise the value can be entered manually.

Field	Definitions
Required fields
User ID
Change Password	Allows you to change the password for this user. Users who authenticate through the directory will not have a Change Password button. Only users who are locally authenticated by FortiNAC Manager have a change password option.
First Name Last Name	User's name as it is retrieved from the directory. If you are using a directory, these fields are updated every time the directory is re-synchronized with the database. If you are not using a directory, enter the user's first and last name.
Role	Roles are attributes of users and can be used as filters in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied.
Additional info
Address	User's address of residence.
City	User's city of residence.
State	Two letter abbreviation for state of residence.
Zip/Postal Code	Postal code for the user's city and state of residence.
Email	User's email address. For multiple e-mail addresses, enter addresses separated by commas or semi-colons. Messages are sent to all e-mail addresses provided.
Title	This can be a form of address, such a as Mr., or a title within the organization.
Mobile Number	Mobile Phone number used for sending SMS messages to guests and administrators.
Mobile Provider	Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to guests and administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@emai.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.
Allowed Hosts	The number of hosts that can be associated with or registered to this user and connect to the network. There are two ways to reach this total. If the host is scanned by an agent or if adapters have been manually associated with hosts, then a single host with up to five adapters counts as one host. If the host is not scanned by an agent or if the adapters have not been associated with specific hosts, then each adapter is counted individually as a host. In this scenario one host with two network adapters would be counted as two hosts. Numbers entered in this field override the default setting in System > Settings > Network Device. Blank indicates that the default is used. See Network device. If an administrator exceeds the number of hosts when registering a host to a user, a warning message is displayed indicating that the number of Allowed Hosts has been incremented and the additional hosts are registered to the user.
Global Default	Default number of Allowed Hosts used if the Allowed Hosts field is empty. The default is set in System > Settings > User/Host Management > Allowed Hosts.
Notes	Free form notes entered by the Administrator.
Security and Access Attribute Value	This value is an attribute of users and can be used as a filter in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied. If a directory is in use, the Security and Access Attribute value comes from the directory when it is synchronized with the database. Otherwise the value can be entered manually.

Field

Definitions

Required fields

User ID

Change Password

Allows you to change the password for this user. Users who authenticate through the directory will not have a Change Password button. Only users who are locally authenticated by FortiNAC Manager have a change password option.

First Name
Last Name

User's name as it is retrieved from the directory. If you are using a directory, these fields are updated every time the directory is re-synchronized with the database. If you are not using a directory, enter the user's first and last name.

Role

Roles are attributes of users and can be used as filters in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied.

Additional info

Address

User's address of residence.

City

User's city of residence.

State

Two letter abbreviation for state of residence.

Zip/Postal Code

Postal code for the user's city and state of residence.

User's email address. For multiple e-mail addresses, enter addresses separated by commas or semi-colons. Messages are sent to all e-mail addresses provided.

Title

This can be a form of address, such a as Mr., or a title within the organization.

Mobile Number

Mobile Phone number used for sending SMS messages to guests and administrators.

Mobile Provider

Mobile provider for the mobile phone number entered in the previous field. Used to send SMS messages to guests and administrators. This field also displays the format of the SMS address that will be used to send the message. For example, if the provider is US Cellular, the format is xxxxxxxxxx@emai.uscc.net, where the x's represent the user's mobile phone number. The number is followed by the email domain of the provider's message server.

Allowed Hosts

The number of hosts that can be associated with or registered to this user and connect to the network. There are two ways to reach this total.

If the host is scanned by an agent or if adapters have been manually associated with hosts, then a single host with up to five adapters counts as one host.

If the host is not scanned by an agent or if the adapters have not been associated with specific hosts, then each adapter is counted individually as a host. In this scenario one host with two network adapters would be counted as two hosts.

Numbers entered in this field override the default setting in System > Settings > Network Device. Blank indicates that the default is used. See Network device.

If an administrator exceeds the number of hosts when registering a host to a user, a warning message is displayed indicating that the number of Allowed Hosts has been incremented and the additional hosts are registered to the user.

Global Default

Default number of Allowed Hosts used if the Allowed Hosts field is empty. The default is set in System > Settings > User/Host Management > Allowed Hosts.

Notes

Free form notes entered by the Administrator.

Security and Access Attribute Value

This value is an attribute of users and can be used as a filter in user/host profiles. These profiles are used to determine which network access policy, endpoint compliance policy or Supplicant EasyConnect Policy is applied. If a directory is in use, the Security and Access Attribute value comes from the directory when it is synchronized with the database. Otherwise the value can be entered manually.