Do you know if is there a way to change the "level admin" of an AD's user? In Device > Administrators I can't see the firewall's admins. Just the "admin" account. If I try to create a new account, I can't do it. The LDAP users can manage the firewall but they are not "Super Users". Currently, we have 2 firewalls in HA, connected to Panorama.
Thanks in advance.
If i understood correctly what you need to accomplish
First of all you need super user account to login and create new accounts under device administrators.
So what level of access you need to grant to users?
What additional access you need to allow to current users?
Under Admin Roles you can create new profile and allow them that access they need.
Yesterday, I have logged with a "SuperUser" account. It was the "admin" user (default). But, when I browse to Device > Administrators, the user's accounts didn't appear. Just the "admin" account. Also, I was not able to create a new user.
I need to change the LDAP's user privileges. Currently, LDAP users can log in to the web interface, but they do not have "SuperUser" permissions. Where can I change it? Where can I see the LDAP firewall's administrators?
Seems it is by design if you need to create additional super users you can create under Device Administrators .
By design if you have LDAP users even with full access to PA under admin roles still they can not do the super user functions like rebooting a firewall etc.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!