DescriptionThis article explains how to create an admin User and assign privileges to access specific object types of the config.
ScopeFortiADC-E, v4.1 and above
SolutionThe creation of the user and the assigning of privileges can be done with the CLI. The syntax and steps required are given below.
To Create a user
eqcli> user <user_name>
-Enter the desired password
Assign the privilege for the user
eqcli> user <user_name> flags read_global | write_global | primary
Assigning permissions for specific objects
eqcli> user <user_name> permit_object <perm> <type> <object>
<perm> ::= read|write|delete|comma-separated list of any read,write,delete permutation
<type> ::= object type (e.g., server, cluster, port, etc...)
<object> ::= object name (e.g., sv00, cl02)
Setting the Locale
user test1 locale en | ja
The locale for the FortiADC can be set to either English or Japanese (2 available options at this time). The default locale is “en” for English.
Example:
eqcli > user test1
eqcli > user test1 flags read_global
eqcli > user test1 permit_object read server Web1
Once the above is configured, the user will be able to have a read only access to all the global settings along with the access to the Server named "Web1".