Viewing, editing and deleting user groups
To view the list of FortiGate user groups, go to User & Device > User > User Groups.
Editing a user group
When editing a user group in the CLI you must set the type of group this will be — either a firewall group, a Fortinet Single Sign-On Service group (FSSO), a Radius based Single Sign-On Service group (RSSO), or a guest group. Once the type of group is set, and members are added you cannot change the group type without removing the members.
In the web-based manager, if you change the type of the group any members will be removed automatically.
To edit a user group – web-based manager:
1. Go to User & Device > User > User Groups.
2. Select the user group that you want to edit.
3. Select the Edit button.
4. Modify the user group as needed.
5. Select OK.
To edit a user group – CLI example:
This example adds user3 to Group1. Note that you must re-specify the full list of users:
config user group edit Group1
set group-type firewall
set member user2 user4 user3 end
Deleting a user group
Before you delete a user group, you must ensure there are no objects referring to, it such as security policies. If there are, you must remove those references before you are able to delete the user group.
To remove a user group – web-based manager:
1. Go to User & Device > User > User Groups.
2. Select the user group that you want to remove.
3. Select the Delete button.
4. Select OK.
To remove a user group – CLI example:
config user group delete Group2
end