Hot!Admin user Administrator Profile showing read only access

Author
sunil
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/02/13 02:22:45
  • Status: offline
2018/02/13 02:32:49 (permalink)
0

Admin user Administrator Profile showing read only access

Hi, 
After few days i have logged into Fortiwifi 30e Firewall device, As i need to make few changes in security profiles...But i couldn't able to find add button for adding new signature in Application control.
I was wondering what happened suddenly, then i went to system-->administrator section...i can see over there profile access was changed to read only.
i don't have any other users created on this box, can anyone help how to fix this issue and get read write access for admin user.
 
Thanks in advance.
Sunil
#1

4 Replies Related Threads

    sunil
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2018/02/13 02:22:45
    • Status: offline
    Re: Admin user Administrator Profile showing read only access 2018/02/20 02:17:47 (permalink)
    0
    Hi Can anyone help on this issue ?
     
     
    #2
    emnoc
    Expert Member
    • Total Posts : 4989
    • Scores: 306
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Admin user Administrator Profile showing read only access 2018/02/20 08:13:22 (permalink)
    0
    Login into the fortigate via ssh ( what ever username you have ) and execute a cli cmd
     
     
    get sys  admin list
     
    What profile do you see enabled?
     
    NOTE:  V5.2.13 has a bug that it is not showing   admin or adminprofile from the cli in multi-vdom mode
     
    Alternatively you can review the local logins ( again  here an example with cli and logs stored on disk )
     
     execute log filter  category  1
     execute log filter  device 1
     execute log  filter  field  logdesc "Admin login successful"
     
    and finally
     
    execute log display
     
    You will probably need to a find super_admin  to  change that account  accessprofile or if it's wildcards and|or  remote-authentication you need to fix the issue.
     
    What changes happen on your fortigate?
    Ken

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #3
    ede_pfau
    Expert Member
    • Total Posts : 5686
    • Scores: 385
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    Re: Admin user Administrator Profile showing read only access 2018/02/21 07:57:24 (permalink)
    0
    I've just tested to reassign the built-in "admin" account to a read-only admin profile.
    It's not possible.
    In fact this account can only be assigned the 'super-admin' profile.
    So, could you clarify if the account you are talking about is "admin" or some account you created later?

    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #4
    emnoc
    Expert Member
    • Total Posts : 4989
    • Scores: 306
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Admin user Administrator Profile showing read only access 2018/02/21 16:22:35 (permalink)
    0
    yes the admin account can be deleted and reapplied but not as RO ;)
    I think also Admin ( case ) is not allowed also ;)
    I'm sure his account is a non super_admin  and not the named defaukt "admin"
     

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #5
    Jump to:
    © 2018 APG vNext Commercial Version 5.5