Technical Tip: How to reset ADOM settings in FortiManager/FortiAnalyzer
Description
This article describes that it is sometimes necessary to upgrade the ADOM, but it is not possible to do so due to an unsupported ADOM version N-2 (older than 2 major versions) compared to the currently running major firmware version.
For example: FortiManager has the firmware version 7.6.6 and the ADOM version is 7.0.
For example: FortiManager has the firmware version 7.6.6 and the ADOM version is 7.0.
This ADOM cannot be upgraded in this case.
Scope
FortiManager, FortiAnalyzer.
Solution
The only solution is to reset the ADOM to the default settings.
Before resetting the ADOM version, all devices in that ADOM must be removed. The syntax for deleting devices using the CLI is found at the bottom of this article.
Warning:
Deleting a FortiGate in FortiManager will cause FortiManager to attempt to remove all references to the FortiManager from the FortiGate. To keep the FortiGate's configuration, be sure to place FortiManager in Offline Mode before deleting the devices from the ADOM.
Warning:
Deleting a FortiGate in FortiManager will cause FortiManager to attempt to remove all references to the FortiManager from the FortiGate. To keep the FortiGate's configuration, be sure to place FortiManager in Offline Mode before deleting the devices from the ADOM.
Afterward, it is possible to exit Offline Mode.
Note: All the data in the ADOM will be removed after the reset. If it is needed to save the data from this ADOM, the solution below can be used:
- Clone the ADOM
- Reset the old ADOM
- Copy the objects from the cloned ADOM back using the procedure described in Technical Note: How to move objects to new ADOM on FortiManager.
Resetting an ADOM can only be done via the CLI.
Run the following command:
execute reset adom-settings <ADOM ID> <Version> <Major Release> <OS_Type>
Example:
To reset the ADOM root to version 7.4, run the following command.
execute reset adom-settings root 7 4
Or:
execute reset adom-settings 3 7 4
Where:
3 is the root ADOM (ID).
7 is the firmware version 7.
4 is the MR (Major Release) version 4.
This will reset the ADOM root to version 7.4 default settings.
To RESET the Global ADOM to version 7.4, run the following command:
execute reset adom-settings Global 7 4
Where:
Global is the Global ADOM.
7 is the firmware version 7.
4 is the MR version 4.
If it is necessary to remove a unit and it is not possible to do this from the GUI, delete it through the CLI with the following command:
diagnose dvm device delete <adom> <Device name>
For example, to DELETE a FortiGate named 'FWF60D' from ADOM 'FGT_74':
diagnose dvm device delete FGT_74 FWF60D
Where:
FGT_74 is the ADOM name.
FWF60D is the hostname of the FortiGate to be deleted.
Related documents: