System admin, Set system option Set user | Fortinet 3.0 MR4 instruction


set	system admin

system admin

Use this command to create or edit a system admin on your FortiGate system. Using this command you can set:

•the administrator’s password

•the administrator’s permission level

•the administrator’s trusted hosts which determine which network addresses the administrator can use to access the FortiMail unit

Syntax

set system admin username <name_str> domain <domain_str> password <password_str> permission {readonly readwrite} sshkey {<key_str> ‘remove’} trusthost <trusthost_ipmask> webmode {basic advanced}

Keywords and Variables	Description

username <name_str>	Enter the name of the administrator account being created or edited.
domain <domain_str>	Enter the domain the administrator belongs to.
password <password_str>	Enter the password for the administrator account.
permission	Select administrator permission. readonly allows the administrator to
{readonly readwrite}	only inspect settings, while readwrite also allows changing settings.
sshkey	Enter the SSH key string for the admin user.
(<key_str> ‘remove’)	Enter ‘remove’ to remove the current SSH key.
trusthost <trust_ipmask>	Enter the host address and netmask from which the administrator can log
	in to the web-based manager. If you want the administrator to be able to
	access the FortiMail unit from any address, set <trust_ipmask> to
	0.0.0.0 0.0.0.0.
webmode (basic advanced)	Select either basic or advanced interface mode as the default webmode
	interface when logging in to this admin account.

History

FortiMail v3.0

New.

FortiMail v3.0 MR3 Added sshkey and webmode keywords.

Related topics

•set system option

•set user

FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
06-30004-0420-20080814	301

Image 301

Fortinet 3.0 MR4 manual System admin, Set system option Set user

Contents

I R E F E R E N C E Trademarks Contents Get Set 122 157 167 198 237 275 Unset 353 Index 361 Page About this document About the FortiMail Secure Messaging Platform Authentication/TITLE/HEAD Execute restore config filenamestrBODYH4You must authenticate to use this Service./H4 FortiMail QuickStart Guides FortiMail documentation Comments on Fortinet technical documentation Customer service and technical support Bypassbounceverify What’s new 06-30004-0420-20080814 Set console page lengthint CLI command syntaxSet console Set allowaccess ping https ssh snmp http telnet Connecting to the CLI Welcome FortiMail-400 loginGet system interface To connect to the CLI using SSH CLI command branches Execute Execute backup config namestr serveripv4 Backup configExecute restore Execute checklogdisk ChecklogdiskExecute checkmaildisk Execute checkmaildisk CheckmaildiskExecute checklogdisk Execute clearqueue Clearqueue Execute factoryreset Factoryreset Formatlogdisk Execute formatmaildisk Execute formatmaildiskbackupExecute formatlogdisk Execute formatmaildisk Formatmaildisk Execute formatmaildiskbackup FormatmaildiskbackupExecute formatmaildisk Execute maintain mailqueue clear age ageunit MaintainExecute maintain mailqueue clear age 23d Execute clearqueue Execute nslookup host mx nameserver NslookupExecute ping Execute traceroute Partitionlogdisk Execute partitionlogdisk logint Execute ping hostname hostipv4 PingExecute ping-option Execute ping-option option Ping-optionExecute ping Execute reboot RebootExecute reload Reload Execute rebootExecute reload Execute restore config image namestr serveripv4 RestoreExecute backup config Execute shutdown Shutdown Execute smtptest ipv4addrport domain domainstr SmtptestExecute smtptest 192.168.100.225 domain example.com Execute telnettest hostipv4port Telnettest Execute traceroute hostipv4 TracerouteExecute maintain Execute ping Execute update config Update config Execute updatecenter updatenow Updatecenter updatenow Updatecenter updatenow Get Get alertemail configuration Alertemail configurationGet alertemail setting Get alertemail configuration Alertemail setting Get antivirus Antivirus Get as option Get History Get auth imap pop3 radius smtp Auth Get av profilename Get config searchstring Config Get console Console Get fshd status Fshd status Ippolicy Is disabled, Difference are not allowedGet ippolicy policynumber Get ipprofile Get ippool namestr IppoolGet ipprofile Set ippool Set ippool addentry Get ipprofile profilename Ipprofile Get ippolicy Get ldapprofile profile namestr Ldapprofile Get limits Limits Get log elog Log elog Get log logsetting Log logsettingSet log setting local Set log setting syslog Get log msisdn Log msisdnSet log msisdn Set log view fields Get log policy Log policy Log query Set log reportconfig qryGet log query FortiMail v3.0 New Log reportconfig Get log view event history spam virus Log view Get mailserver Mailserver Get mailserver access Mailserver access Get mailserver archive Mailserver archiveGet mailserver archive exemptlist local policy remote Get mailserver localdomain Mailserver localdomains Mailserver smtp Get mailserver smtp setting Get mailserver systemquarantine Mailserver systemquarantine Get misc profilename Misc profile Get outcontent namestr OutcontentGet outpolicy Get outprofile Outpolicy Get outcontent Get outprofileGet outpolicy namestr Outprofile Get outcontent Get outpolicyGet outprofile namestr Get policy fqdn Policy Get spam deepheader Spam deepheader Get spam heuristic rules Spam heuristic rules Get spam retrieval policy fqdnstr Spam retrieval policy Get system item System Status Snmp thresholdTime ntp Time time Get user item UserGet userpolicy Alias Group Ldap map Mail Map Get userpolicy namestr UserpolicyGet user Page Set Set alertemail configuration mailto none Alertemail configuration mailtoSet alertemail deferq Set alertemail setting option Triggervalue Alertemail deferq000 Intervalminutes Set alertemail setting option optionlist none Alertemail setting optionSet alertemail setting option diskfull quotafull Set alertemail configuration mailto Set alertemail deferq Set antivirus enable disable Set as blacklistaction reject discard profile As blacklistactionSet as profile modify whitelistword Tagexpiry As bounceverifyExpiryint Set ipprofile sendervalidation Set as control autorelease delete release controlaccount As control autorelease As control bayesian Set as profile modify bayesian Set as profile modify actions As greylist Set as profile modify greylist Set ipprofile mmsreputation As mmsreputation Set as profile namestr delete As profile delete As profile modify actions As profile modify auto-release Enable disableAuto-release Webrelease As profile modify bannedword Set as profile namestr modify bannedword enable disableSet as profile modify bannedwordlist Set as profile modify bannedword As profile modify bannedwordlist Set as control bayesian As profile modify bayesian As profile modify deepheader Enable disable CheckipHeaderanalysis FortiMail v3.0 MR1 checkip and headeranalysis added Dictprofile As profile modify dictionaryDictint As profile modify dnsbl Set as profile namestr modify dnsbl enable disableSet as profile modify dnsblserver Set as profile modify dnsbl As profile modify dnsblserverHoststr Move-to newint As profile modify forgedip Set as profile namestr modify forgedip enable disable As profile modify fortishield As profile modify greylist Set as profile namestr modify greylist enable disable As profile modify heuristic Aggressive As profile modify imagespam Scanner bannedword As profile modify individualaction scannerSubject reject Discard forward Set as control autorelease Set as spamreport As profile modify quarantineDays daysint As profile modify rewritercpt Bypassonauth As profile modify scanoptionsMaxsize sizeint As profile modify surbl Set as profile namestr modify surbl enable disableSet as profile modify surblserver Set as profile modify surbl As profile modify surblserverRename-to newstr Htag tagstr As profile modify tagsHeader Stag tagstr As profile modify virus Set as profile namestr modify virus enable disable As profile modify whitelistword Set as profile namestr modify whitelistword enable disableSet as profile modify whitelistwordlist As profile modify whitelistwordlist Set as control autorelease Set as profile modify quarantine As spamreport As trusted Set auth imap namestr rename-to newstr Auth imap rename-toSet auth imap server Set auth imap rename-to Auth imap serverServeripv4 Port portint Option ssl secure Set auth pop3 namestr rename-to newstr Auth pop3 rename-toSet auth pop3 server Set auth pop3 rename-to Auth pop3 server110 Set auth radius namestr rename-to newstr Auth radius rename-toSet auth radius server Auth radius server Passwordstr DomainSet auth radius rename-to Serveripv4 Secret Set auth smtp namestr rename-to newstr Auth smtp rename-toSet auth smtp server Set auth smtp rename-to Auth smtp server Set av avprofname delete Av delete Set av avprofname modify actions discard reject Av modify actions Av modify heuristic Set av avprofname modify heuristic enable disable Av modify heuristic heuristicaction Av modify scanner Set av avprofname modify scanner enable disable Set av avprofname rename-to newnamestr Av rename-to Set system appearance Set system option 38400 57600 Mode batch lineBaudrate 9600 Lineint Set content namestr delete Content deleteSet content modify filetype Set content modify monitor Content modify action Set content namestr modify bypassonauth enable disable Content modify bypassonauthSet content modify action Set content modify filetype Set content namestr modify defersize sizeint Content modify defersizeSet content modify bypassonauth Set content modify filetype Set content modify action Set content modify monitor Content modify filetypeFiletypestr Blocked Set content modify monitor action Content modify monitor Action none Content modify monitor actionNone Replace review 155 Fshd Set ippolicy delete Set ippolicy move Set ippolicy policyint Set ippolicy policyint action scan reject tempfail Ippolicy actionPolicyint Scan Set ippolicy policyint as namestr Ippolicy as Ippolicy auth Set ippolicy policyint av namestr Ippolicy av Set ippolicy policyint content namestr Ippolicy content Set ippolicy policyint delete Ippolicy deleteSet ippolicy Set ippolicy move Ippolicy exclusive Set ippolicy policyint exclusive enable disable Set ippolicy policyint ip namestr Ippolicy ip Set ippolicy policyint match clientipv4/mask Ippolicy match gateway and server modes Set ippolicy match gateway and server modes Ippolicy match transparent modeClientipv4/mask 0.0/0 Set ippolicy policyint move newint Ippolicy moveSet ippolicy Set ippolicy delete Ippolicy smtp Set ippool namestr Set ippool namestr addentry ipv4 sizeint Ippool addentrySet ippool Set ippool delentry Set ippool delete Get ippool Ipv4 Set ippool namestr delentry rangeIDint Ippool delentryRangeIDint Set ippool Set ippool addentry Set ippool delete Get ippool Set ippool namestr delete Ippool delete 174 Ipprofile check Sender SenddsnSplice Integer seconds Ipprofile connection Set ipprofile namestr delete Ipprofile deleteSet ipprofile rename Initialdelay int Ipprofile errorFree int Increment int Ipprofile headermanipulation Rset int Ipprofile limitEmails int Ipprofile list Ipprofile mmsreputation Set ipprofile namestr rename newstr Ipprofile renameSet ipprofile delete Ipprofile senderreputation Ipprofile sendervalidation 187 Set ipprofilesetting ratecontrol connection message Ipprofilesetting ratecontrolRatecontrol Connection Antispam asstr Ldapprofile profile asavAntivirus avstr Asavstate Set ldapprofile clearallcache Ldapprofile clearallcache Ldapprofile profile auth Set ldapprofile profile namestr clearcache Ldapprofile profile clearcache Fallbackserver hoststr Ldapprofile profile fallbackserverServeripv4 389 Ldapprofile profile group Ldapprofile profile option Ldapprofile profile pwd Ldapprofile profile routing Server hoststr Ldapprofile profile serverSecure none ssl Ldapprofile profile user Ldapprofile profile user Set Adminperdomint AdminintLimits domain-level Domainint Limits system-level generalProfilesint Set limits system-level groups groupsint membersint Limits system-level groups Set limits system-level mail-users usersint Limits system-level mail-users Limits system-level other-profiles Set limits system-level policies ipint outgoingint Limits system-level policiesIpint Outgoingint 207 Set log msisdn enable disable Log policy destination event Log policy destination history Detected none Log policy destination spam Infected none Log policy destination virus Log reportconfig direction Domainname1 Log reportconfig domainDomainname2 Domainname3 Emailaddr1 Log reportconfig mailtoEmailaddr2 Emailaddr3 Log reportconfig period Qry querystr1 Log reportconfig qryQuerystr2 Querystr3 Schedule hour daily Log reportconfig schedule hourDays daysstr dates Datesint Enable disable Loglevel Log setting consoleSeverityinteger Emergency Log setting local Log setting syslog Log setting syslog Set Log view fields Loglevel event Log view loglevelHistory spam virus Loglevel Rule number Patternstr AuthenticatedSet move Senderpattern Tlsprofile MR4 Added authenticated and tlsprofileProfilestr Permission ok Relay reject Mailserver archive account Set mailserver archive exemptlist exemptid ? Mailserver archive exemptlist Set mailserver archive local quota quotaint Mailserver archive local quota Set mailserver archive policy policyid ? Mailserver archive policyRecipient subject Body Mailserver archive remote Set mailserver deadmail value Mailserver deadmail Pop3 Portnumber Mailserver portnumberSmtp Portnumber Smtps portnumber Set mailserver proxy smtp unknown Mailserver proxy smtp interface Set mailserver proxy smtp unknown hide original Mailserver proxy smtp unknownSet mailserver proxy smtp interface Hide Enable disable Username namestr AuthenticationMailserver relayserver Port portnumber Starttime hhmm Mailserver smtp deferbigmsgStoptime hhmm Set mailserver smtp delivery noesmtp yes no Mailserver smtp delivery Mailserver smtp dsn Mailserver smtp ldapdomaincheck Mailserver smtp queue Mailserver smtpauth Mailserver smtpssl Set mailserver smtpssl enabled disabled Mailserver smtp storage Type disableClient type Dir Client server Mailserver smtp storage cquarSet mailserver smtp storage cquar type client Mailserver smtp storage cquar Set Set content modify action Set content modify monitor action Set misc profile namestr delete Misc profile deleteSet misc profile rename-to Set misc profile namestr modify quota quotaint Misc profile modify quotaQuotaint Misc profile modify userstatus Set misc profile namestr modify userstatus enable disableUserstatus Webmailaccess Misc profile modify webmailaccess Set misc profile namestr rename-to newstr Misc profile rename-toSet misc profile delete Set outcontent namestr delete Outcontent delete Set outcontent modify action Set outcontent modify monitor Outcontent modify actionForward reject Set outcontent namestr modify bypassonauth enable disable Outcontent modify bypassonauthSet outcontent modify action Set outcontent modify filetype Outcontent modify filetype Reject replace Outcontent modify monitor actionReview Set outcontent modify monitor action Outcontent modify monitorTags header enable 259 Set outpolicy userstr delete Outpolicy profile deleteSet outpolicy move-to Set outpolicy rename-to Outpolicy modify Set outpolicy userstr move-to newint Outpolicy move-toSet outpolicy profile delete Set outpolicy rename-to Set outpolicy userstr rename-to newstr Outpolicy rename-toSet outpolicy profile delete Set outpolicy move-to Set outprofile profile namestr delete Outprofile profile deleteSet outprofile profile rename-to Outprofile profile modify actions Review enable disableNamestr Outprofile profile modify bannedword Outprofile profile modify bannedwordlist Outprofile profile modify bayesian Outprofile profile modify deepheader Outprofile profile modify dictionary Outprofile profile modify dnsbl Set outprofile profile namestr modify dnsbl enable disable Outprofile profile modify dnsblserver Outprofile profile modify fortishield Outprofile profile modify greylist Outprofile profile modify heuristic Enable disable Upper-level Outprofile profile modify imagespam Action Outprofile profile modify individualaction scanner Outprofile profile modify scanoptions Outprofile profile modify surbl Set outprofile profile namestr modify surbl enable disable Outprofile profile modify surblserver Outprofile profile modify tags Outprofile profile modify virus Set outprofile profile namestr modify virus enable disable Set outprofile profile modify whitelistwordlist Outprofile profile modify whitelistword Set outprofile profile modify whitelistword Outprofile profile modify whitelistwordlist Set outprofile profile namestr rename-to newstr Outprofile profile rename-toSet outprofile profile delete 286 Set policy fqdnstr delete Policy deleteSet policy modify rename-to Policy fqdnstr Policy modify addassociationAddassociation fqdn Policy modify bverifyaddr Set policy fqdnstr modify bverifyaddr disable ldap smtpSet policy modify verifyaddr Fallbackhost Hostipv4 Policy modify fallbackFallbackport Portint Policy modify ip Policy modify issubdomain Set policy fqdnstr modify issubdomain enable disable Set policy fqdnstr modify ldaprouting state enable disable Set policy fqdnstr modify ldapasav state enable disablePolicy modify ldap Set policy fqdnstr modify ldapasav profile profilestr Set policy fqdnstr modify mxflag 0 Policy modify mxflag Set policy fqdnstr modify tp zoneintr yes no yes no Policy modify tpFqdnstr Zoneintr Set policy delete Set policy modify rename-to Policy modify user Policy modify verifyaddr Smtp disableSet policy modify bverifyaddr Verifyaddr ldap Set policy fqdnstr rename-to newfqdnstr Policy modify rename-toSet policy delete Confidence Set spam deepheader confidence confidenceint95.0000 Confidenceint Set as control autorelease Set system option Set user System admin Set console System appearance Set system autoupdate pushaddressoverride disable System autoupdate pushaddressoverride Set system autoupdate pushupdate enable disable System autoupdate pushupdate Set system autoupdate schedule enable disable every hhmm System autoupdate scheduleSet system autoupdate schedule enable disable daily hhmm Address addrip4 System autoupdate tunnelingPort portnum Username Usernamestr System ddns System disclaimer allowdomain Set system disclaimer allowdomain enable disable System disclaimer incoming System disclaimer outgoing System dns Enable disable Initiate enable disable Autobackup enable disableSystem fortimanager Central-management Set system ha config portinteger timeoutinteger System ha configSet system ha config 20001 Any System ha takeover command DisabledCpeerinteger Cpeeripv4 10.0.0.1 Primary-localipv4Netmaskipv4 255.255.255.0 Set system ha interface port5 10.0.0.3 Set system ha interface port5 10.0.0.2Set system ha interface port5 10.0.0.4 317 Set system ha config 20002 Set system ha data dataportinteger timeoutintegerSystem ha data Dataportinteger System ha datadir Set system ha lservice pprts 30 System ha lservicePorts hd Checktimeinteger Set system ha mode mode System ha modeSet system ha mode cmaster Mode mode Set system ha monitor port 20000 20 System ha monitorHeartbeatportinteger 20000 323 Restore Set system ha on-failure off restore slaveSystem ha on-failure Set system ha on-failure slave Set system ha passwd passwdstr System ha passwdSet system ha passwd Passw4D Set system ha remote-as-heartbeat enable Set system ha remote-as-heartbeat enable disableSystem ha remote-as-heartbeat Set system ha restart restore resync System ha restart restore resyncSet system ha resync Restart System ha rservice Set system ha rservice pop 10.10.10.2 25 30 20 System ha takeover Set system ha takeover port5 add 10.10.10.2 System ha takeover Set system hostname hostnamestr System hostname System interface config Set system interface intfstr mode dhcp System interface mode dhcpConnection Disable Defaultgw Disable Set system interface intfstr mode static ip addrip4 maskip4 System interface mode static Set system opmode gateway server transparent System opmode System option Set system admin Set system appearanceSet system option option1 value1 System route number System snmp community Set system snmp sysinfo threshold Set system snmp community System snmp sysinfo threshold Set system time ntp System time manual Set system time manual System time ntp System usrgrp Set system admin Set user Set user alias name namestr addmember addr addr Set user alias name namestr member addr addrSet user map internalname intstr externalname extstr Set user ldap map domain domainname profile ldapprofilename User pki Set userpolicy move-to Set userpolicy rename-to Userpolicy deleteSet userpolicy namestr delete Asstr Userpolicy modifyAvstr Miscstr Set userpolicy delete Set userpolicy rename-to Userpolicy move-toSet userpolicy namestr move-to newint Set userpolicy delete Set userpolicy move-to Userpolicy rename-toSet userpolicy namestr rename-to newstr 352 Unset Unset alertemail configuration Unset ldapprofile profile namestr Unset log reportconfig namestr Unset mailserver configuration Unset system configuration User transparent and gateway Unset user configurationAlias name aliasstr Map name mapstr Group name groupstr User serverLdap map domain domainint Index Dkim 186 DNS 363 Smtp 365 366