The firewall distinguishes between end users, who connect to the internet from behind the firewall, and administrator users, who have access to firewall objects and settings. You can add or import user records to be used for authentication. When you add (register) a user, you specify the user type and associate the record with a group. The user inherits the policies defined in the group, but the user's policy overrides the group settings.

  • To import or export user records, see Backup & firmware > Import export. Exported configurations are in .xml format.
  • To import user records from an Active Directory server, see Authentication > Users.
  • To change user status from active to inactive (and back), select a user and click Change status.
  • To remove Active Directory users who are not present in the domain, click Purge AD users. To remove the user records from XG Firewall, you must first remove these from your AD server.
    Note If high availability is configured, users are deleted from both the primary and the auxiliary device. The purge will not interrupt user sign-in or sign-out and accounting events.