Adding Super/Global Users to Organizations with Collectors
In multi-tenant deployments, you may need to create Super/Global users who have roles within multiple organizations. If your deployments include organizations with collectors, you must add add the users individually.
- Log in to your Supervisor node as a Super/Global users.
- Create the individual user as described in Adding a Single User, choosing the appropriate Default Role.
- Select the Permitted Organizations the user is allowed to access, overriding any default role settings as necessary.
- Click Save.
Adding Super/Global Users to Organizations without Collectors
For the organizations-without-collector case, if the Active Directory Server belongs to super-local, then the discovered users would be visible from the super-global view and any of these users can be made an FortiSIEM user. In this case the steps are
Logon as super-global
Create the user as described here – both manual and discovery-based approaches can be used
Choose the Default role
Choose the permitted organizations. And if needed, override the default role for specific organizations. In the example below, user1 is the Network Admin for every organization but System Admin for O-eng.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!