Here in this article let us understand how to create read only administrator for fortigate firewall, so that concerned administrator will have only read only access to the firewall.
Creating Admin Profile:
Please login to firewall as admin and then click System then click on Admin Profiles then click on Create new
Name: Give Any name to the profile
For all the access permissions select “Read” mode, so that concerned administrator will be able to view only, he will not be able to change any setting.
Permit use of CLI diagnostic commands:
If we enable this option, Admins will be able to execute diagnostic commands in fortigate firewall.
Here is the reference screenshot:
Click on SAVE button, profile will be saved.
Now you need to create new administrator and attach this READ ONLY profile to that specific user.
Click on System then click on Administrators, click on create new
Fill all the fields like name, password and then attach newly created profile “read only” to the admin user.
Please refer the below screenshot:
Now try to login with this user, he will have only read only access.
Hope this article helps you 🙂