FortiAnalyzer
rameshk_FTNT
Staff
Article Id 193890

Description

 

This article describes how to move a specific FortiGate VDOM from its current ADOM to a new ADOM on either FortiAnalyzer or FortiManager, so that administrators or users can be given separate management access to different VDOMs of the FortiGate.

 

Scope

 

FortiGate VDOM, FortiAnalyzer, FortiManager.

Solution

 

  1. Enable the ADOM feature on FortiAnalyzer, if it is not already enabled. Enabling ADOMs logs the administrator out of the device once.

 
  2. Set the ADOM mode to 'Advanced'. In Advanced mode, assigning a VDOM from a single FortiGate device to a different ADOM is possible.
     
     
     
  3. Create a new ADOM (or use any existing ADOM) and move the VDOM that needs separate management access to it. Go to System Settings -> All ADOMs -> Create New, create the new ADOM, and select only the FortiGate VDOM that needs to be moved to this new ADOM. In the sample screenshot, an FGT81E device was first added to the FortiAnalyzer and ADOMs were then enabled in Advanced mode. Later, while creating the new ADOM, the administrator selects VDOM 'test'.
     
     
     
The output of 'diagnose dvm device list' displays the FortiGate and its ADOM assignment information.
 
 
  4. Now create an admin user with the required privilege and restrict that user's access to only the specific required ADOM on FortiAnalyzer.
     
     
     
  5. Perform an SQL database rebuild for both the old and the new ADOM. This is required to remove any Analytic logs for that VDOM from the old ADOM and to create an Analytic Database for the VDOM on the new ADOM.
     
  • To rebuild SQL for a specific ADOM, execute the below syntax:

 

execute sql-local rebuild-adom <adom>                             <----- Input ADOM name to rebuild the SQL database.
 
  • To check the status of the SQL rebuild, execute the below syntax:

 

diag sql status rebuild-adom <adom>                                         <----- Input ADOM name to check the SQL rebuild status.
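
A post-move check for step 3, as an added example that is not part of the original article: it parses saved 'diagnose dvm device list' output and reports any VDOM that is not in its expected ADOM, or any unexpected VDOM inside the ADOM the restricted admin can see. The sample text, its row layout, the ADOM name 'ADOM-test' and the function names are assumptions constructed for illustration.

```python
import re

# Constructed sample modelled on 'diagnose dvm device list' output.
# The row layout and all values are assumptions, not output from a real unit.
SAMPLE = """\
--- There are currently 2 devices/vdoms managed ---
TYPE          OID  SN                HA  IP         NAME    ADOM  IPS  FIRMWARE
faz enabled   161  FG81EPLACEHOLDER  -   192.0.2.1  FGT81E  root  -    6.0
              |- STATUS: db: not modified; conf: in sync
              |- vdom:[3]root flags:0 adom:root
              |- vdom:[101]test flags:0 adom:ADOM-test
"""

VDOM_RE = re.compile(r"\|-\s*vdom:\[\d+\](\S+)\s+flags:\S+\s+adom:(\S+)")

def parse_assignments(text):
    """Return {(device, vdom): adom} from device list text."""
    device, result = None, {}
    for line in text.splitlines():
        stripped = line.strip()
        match = VDOM_RE.match(stripped)
        if match:
            result[(device, match.group(1))] = match.group(2)
        elif stripped and not stripped.startswith(("|-", "---", "TYPE")):
            cols = stripped.split()
            # Assumed device row: TYPE (2 tokens) OID SN HA IP NAME ...
            if len(cols) >= 7:
                device = cols[6]
    return result

def audit(text, expected, restricted_adoms):
    """expected maps (device, vdom) to adom; restricted_adoms must hold only those VDOMs."""
    actual = parse_assignments(text)
    findings = []
    for (dev, vdom), adom in expected.items():
        got = actual.get((dev, vdom))
        if got != adom:
            findings.append(f"{dev}/{vdom}: expected ADOM {adom!r}, found {got!r}")
    for (dev, vdom), adom in actual.items():
        if adom in restricted_adoms and expected.get((dev, vdom)) != adom:
            findings.append(f"{dev}/{vdom}: unexpected member of restricted ADOM {adom!r}")
    return findings

if __name__ == "__main__":
    issues = audit(SAMPLE, {("FGT81E", "test"): "ADOM-test"}, {"ADOM-test"})
    print("\n".join(issues) if issues else "OK: VDOM-to-ADOM assignment matches the plan")
```

Running the same check after later device or ADOM changes catches a VDOM that has been added to the restricted ADOM by mistake.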
 
Troubleshooting

The following commands can be used on the FortiAnalyzer CLI to debug the SQL DB rebuild:

 

diagnose sql show db-size -> Repeat this command several times to make sure that the SQL DB is increasing in size.

diagnose sql status rebuild-db  -> Shows the SQL DB rebuild progress and the time at which the rebuild completed successfully.

 

 

Related article:
Technical Tip: Moving devices and VDOMs between FortiManager ADOMs
https://community.fortinet.com/t5/FortiManager/Technical-Tip-How-to-move-devices-VDOMs-between-Forti...