config user local
Configure local users.
config user local
Description: Configure local users.
edit <name>
set id {integer}
set status [enable|disable]
set type [password|radius|...]
set passwd {password}
set ldap-server {string}
set radius-server {string}
set tacacs+-server {string}
set two-factor [disable|fortitoken|...]
set fortitoken {string}
set email-to {string}
set sms-server [fortiguard|custom]
set sms-custom-server {string}
set sms-phone {string}
set passwd-policy {string}
set passwd-time {user}
set authtimeout {integer}
set workstation {string}
set auth-concurrent-override [enable|disable]
set auth-concurrent-value {integer}
set username-case-sensitivity [disable|enable]
next
end
config user local
|
Parameter |
Description |
Type |
Size |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
name |
User name. |
string |
Maximum length: 64 |
|||||||||||
|
id |
User ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||
|
status |
Enable/disable allowing the local user to authenticate with the FortiProxy unit. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
type |
Authentication method. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
passwd |
User's password. |
password |
Not Specified |
|||||||||||
|
ldap-server |
Name of LDAP server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||
|
radius-server |
Name of RADIUS server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||
|
tacacs+-server |
Name of TACACS+ server with which the user must authenticate. |
string |
Maximum length: 35 |
|||||||||||
|
two-factor |
Enable/disable two-factor authentication. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
fortitoken |
Two-factor recipient's FortiToken serial number. |
string |
Maximum length: 16 |
|||||||||||
|
email-to |
Two-factor recipient's email address. |
string |
Maximum length: 63 |
|||||||||||
|
sms-server |
Send SMS through FortiGuard or other external server. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
sms-custom-server |
Two-factor recipient's SMS server. |
string |
Maximum length: 35 |
|||||||||||
|
sms-phone |
Two-factor recipient's mobile phone number. |
string |
Maximum length: 15 |
|||||||||||
|
passwd-policy |
Password policy to apply to this user, as defined in config user password-policy. |
string |
Maximum length: 35 |
|||||||||||
|
passwd-time |
Time of the last password update. |
user |
Not Specified |
|||||||||||
|
authtimeout |
Time in minutes before the authentication timeout for a user is reached. |
integer |
Minimum value: 0 Maximum value: 1440 |
|||||||||||
|
workstation |
Name of the remote user workstation, if you want to limit the user to authenticate only from a particular workstation. |
string |
Maximum length: 35 |
|||||||||||
|
auth-concurrent-override |
Enable/disable overriding the policy-auth-concurrent under config system global. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-concurrent-value |
Maximum number of concurrent logins permitted from the same user. |
integer |
Minimum value: 0 Maximum value: 100 |
|||||||||||
|
username-case-sensitivity |
Enable/disable case sensitivity when performing username matching (uppercase and lowercase letters are treated either as distinct or equivalent). |
option |
- |
|||||||||||
|
|
|
|||||||||||||