It is possible to change the interface VDOM assignment from the Global VDOM. It is important to note that an interface can only be assigned to one VDOM, while a VLAN sub-interface can belong to a different VDOM than that of the physical interface it is assigned to.

To move an interface to another VDOM, ensure that it is not referenced in any existing configurations. If the interface is referenced to an existing configuration, the Virtual domain option is non-editable from the Global VDOM.

To check if the interface is referenced to any existing configuration, go to Network -> Interfaces and check the Ref. column. Select the number of references to view the specific configurations where the interface is used.

If the Ref. column is not visible, select the gear icon and select Ref. to add to the Interface page.

Another method to check for the existing configuration references of an interface is via the CLI command:

diagnose sys cmdb refcnt show system.interface.name [interface]

Example output after running 'diagnose sys cmdb refcnt show system.interface.name port9':

(global) # diagnose sys cmdb refcnt show system.interface.name port9

entry used in table firewall.address:name 'internal-subnet' entry associated-interface 'port9' (From VDOM: 'root')

entry used in table firewall.policy:policyid '45'  entry srcintf:name 'port9' (From VDOM: 'root')

entry used in table router.static:seq-num '9' entry device 'port9' (From VDOM: 'root')

entry used in table router.policy:seq-num '1' entry output-device 'port9' (From VDOM: 'root')

After deleting all the referenced configurations, the Virtual domain option should already be editable from the Global VDOM and it is possible to select the VDOM where the interface is to be moved.