#get system admin profile Restricted_User ----------the The Restricted_User profile can be replaced by any other profile name.After the above changes, any administrators with the modified admin profile can now see the change password icon in the navigation pane after login to the Fortimanager.
FMG-VM # get system admin profile Restricted_User
profileid : Restricted_User
description : Restricted user profiles have no System Privileges enabled, and have read-only access for all Device Privileges.
type : system
scope : global
system-setting : none
adom-switch : none
global-policy-packages: none
assignment : none
read-passwd : none
device-manager : read
device-config : read
device-op : none
device-wan-link-load-balance: read
device-ap : read
device-forticlient : read
device-profile : read
policy-objects : read
deploy-management : read
config-retrieve : read
term-access : read
adom-policy-packages: read
vpn-manager : read
realtime-monitor : read
consistency-check : read
fgd_center : none
log-viewer : read
report-viewer : read
event-management : read
change-password : disable ------------------The option to change password is disabled by default.
config system admin profile
edit Restricted_User
set change-password en
end
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.