Re: Mass create or bulk import users
☄ Helpfulby Adonist 2018/09/17 09:03:59
1- if you have a long user list, don't directly paste it to the CLI. Chances are high that you will get a timing error, and that not all of the input is actually 'taken'. Rather, submit the same file (which is a partial config file) via 'Advanced > Batch command'. This will upload all data first, and then import into the running config.
2- if you have along user list, consider adding your LDAP (or MS-AD) as a 'remote user'. User management (who is granted SSLVPN access, who is removed from SSLVPN etc.) is then done via LDAP management. For instance, if you connect the FGT to your MS-AD, and create a user group in the MS-AD like 'SSLVPN users', you grant VPN access by dropping a user into this group. User management is completely independent of the Fortigate, and the config on your FGT is not touched in the future.
Of course, this only pays out if you already manage users by LDAP or MS-AD.
BTW, you can also grant admin access via LDAP, using a 'remote admin wildcard account'. Sound difficult but isn't.
These methods are well documented in the Cookbook or KB.
Ede " Kernel panic: Aiee, killing interrupt handler!"