Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
nradia_FTNT
Staff
Staff

Created on ‎03-21-2024 05:14 AM

Article Id 303941

Technical Tip: Permissions required for a FortiManager ADOM admin to have CLI access

Description This article describes the permissions required for a FortiManager ADOM Admin to have CLI access.
Scope FortiManager 5.x, 6.x, 7.x.
Solution

In order to have CLI access, admins require the following:

  • An Administrator account on FortiManager with access to the root ADOM.
  • An admin profile that includes Read or Read/Write access to 'System Settings'.
 

cli_admin_prof.png

 

KB Screenshot.jpg

 

Note: Currently, granting Admin users CLI access will allow those Admin users visibility into all ADOMs through the CLI, even if they do not have permissions for those ADOMs. There is currently no way to allow Admin users CLI access to view information for only certain ADOMs, or to grant Admin users access to troubleshooting commands without giving viewing access to information about all ADOMs. This would require a New Feature Request.


If the Admin user does not have access to the root ADOM, the error message 'Non-root ADOM user cannot access CLI' will be returned.


cli_error.png


If the Admin user has an Admin profile which does not have 'System Settings' permissions, the user will be unable to see the CLI button in the GUI at all.
99
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.