Technical Tip: Facing issue removing an object from FortiGate even when it is not referenced

ctan · ‎12-13-2021

Description

This article describes how to remove an object that is not referenced, when the delete button is greyed out via FortiGate GUI, and the CLI prompt message that the object is referenced

Scope

FortiOS

Solution

Run the following CLI command:

diagnose sys cmdb refcnt show <path.object.mkey>

Example on FortiGate port1 interface:

diagnose sys cmdb refcnt show system.interface.name port1

The output will show a list of entries that the FortiGate port1 interface references.

If it is not showing any references, then it is possible to reset the references database table to release the lock.

diagnose sys cmdb refcnt reset <path.object.mkey>

Example:

diagnose sys cmdb refcnt reset system.interface.name port1

After that, it is possible to check again the reference with the CLI command 'diagnose sys cmdb refcnt show <path.object.mkey>' to confirm if it is released successfully.

Once confirmed, it will be possible to remove the object that the user would like to remove; otherwise, it is possible to consider rebooting the FortiGate to see if it will release the locked object.

If the issue persists, reach out to the Fortinet Technical Assistance Center:
Fortinet Contact Support Information

Related Articles:

Documentation:

Finding object dependencies - FortiGate 7.6.3 administration guide

Technical Tip: How to Check Referenced Objects

Troubleshooting Tip: Verifying FortiGate configuration object references and dependencies

Troubleshooting Tip: Cannot delete no-reference object

Technical Tip: Facing issue removing an object from FortiGate even when it is not referenced

You are leaving our website