Skip to main content
AlexFeren
AlexFeren
New Member
October 15, 2015
Question

Copying Policy Packages and Objects from one ADOM to another

  • October 15, 2015
  • 1 reply
  • 26470 views

I have two ADOMs with different devices. I'd like to copy Policy Packages and Objects from 'Production_ADOM' to 'Staging_ADOM'.

I suppose I can add one of 'Staging_ADOM' devices to 'Production_ADOM', then install Policy Package and Objects defined in 'Production_ADOM', then add it back into 'Staging_ADOM', overwriting its Policy Package and Objects, and then installing these to other devices in the 'Staging_ADOM'.

However, I really don't wish to interfere with 'Production_ADOM'.

Is there another/smarter way? (I see command 'fmpolicy copy-adom-object' which seems like a candidate for copying Objects, but it's not well documented and also it also seems to function only one object instance at-a-time.)

 

 

    1 reply

    scao_FTNT
    Staff
    scao_FTNT
    Staff
    October 17, 2015

    'fmpolicy copy-adom-object' is for copy ADOM object to same ADOM device db

     

    for your case, I think you can try " exec fmpolicy print-adom-database" and find out needed config to create a script, then run script for your new ADOM package

     

    Thanks

     

    Simon

     

     

    AlexFeren
    AlexFerenAuthor
    New Member
    October 18, 2015

    scao_FTNT wrote:

    'fmpolicy copy-adom-object' is for copy ADOM object to same ADOM device db

    Can you provide a use-case for this command?

    scao_FTNT wrote:

    for your case, I think you can try " exec fmpolicy print-adom-database" and find out needed config to create a script, then run script for your new ADOM package

    Script won't update Policy Package - so, I'd need create script and then install it onto a device, then retrieve the device to overwrite existing Policy Package policies, and then install the Policy Package on other devices, correct? This doesn't follow the "FortiManager is master of configuration" methodology.

    FortiManager has a exporting facilities, but seems to lack importing.

    scao_FTNT
    Staff
    scao_FTNT
    Staff
    October 19, 2015

    Can you provide a use-case for this command?

       -- this CLI normally used for troubleshooting

     

    Script won't update Policy Package

       -- you can just run script for policy package / ADOM db

     

    Thanks

     

    Simon

    Terms & ConditionsAccessibility statement