FortiManager
mvlasak
Staff
Article Id 373722
Description This article describes how to delete all EMS connector settings in the FortiManager ADOM database.
Scope FortiManager v7.x
Solution
  1. Dump the EMS connector settings:


get system status
show system global
exe fmpolicy print-adom-object <ADOM_ID> 2443 all
exe fmpolicy print-adom-object <ADOM_ID> 2443 +all

 

Example of EMS settings stored in the ADOM database:

exec fmpolicy print-adom-object 3 2443 1
Dump object [1] of category [endpoint-control fctems] in adom [root]:
---------------
config endpoint-control fctems
    edit "1"
        set name "ems01.test.com"
        set server "10.34.45.100"
        set https-port 10443
        set status enable
    next
end

 

  2. Create a CLI script under Device Manager - Scripts. Enter the script below and set it to run on the Policy Package or ADOM Database (not the Device DB):

 

config endpoint-control fctems
    edit "1"
        unset name
        set https-port 443
        set source-ip 0.0.0.0
        set call-timeout 30
        set fortinetone-cloud-authentication disable
        set pull-sysinfo enable
        set pull-vulnerabilities enable
        set pull-avatars enable
        set cloud-server-type production
        set pull-tags enable
        set pull-malware-hash enable
        set websocket-override disable
        set preserve-ssl-session disable
        set out-of-sync-threshold 180
        set status disable
        set dirty-reason none
        set interface-select-method auto
        set trust-ca-cn enable
    next
end

  3. Save the CLI script and execute the script on the ADOM database. It is not necessary to select the policy package.

  4. Once the script has been executed, and if the workspace feature is active, switch to Policy & Objects and select the 'Save' button (otherwise the changes made by the script will not be saved to the ADOM database).

  5. Dump the EMS connector settings again:

 

exe fmpolicy print-adom-object <ADOM_ID> 2443 all

Example of empty EMS connector profiles:

execute fmpolicy print-adom-object 3 2443 all
Dump all objects for category [endpoint-control fctems] in adom [root]:
---------------
config endpoint-control fctems
    edit "1"
    next
    edit "2"
    next
    edit "3"
    next
    edit "4"
    next
    edit "5"
    next
    edit "6"
    next
    edit "7"
    next
end

 

Result:

All EMS connector ID 1 settings are deleted (reverted to default settings) from the ADOM database.
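
One way to check the final dump automatically, as an added example that is not part of the original article or Fortinet's tooling: this Python sketch parses saved `print-adom-object` output in the format shown above and lists every `fctems` entry that still carries `set` lines. The function names and the sample text are assumptions constructed from the article's own examples.

```python
import re

# Constructed sample: the article's "before" entry 1 plus an already empty entry 2.
SAMPLE_DUMP = '''\
Dump all objects for category [endpoint-control fctems] in adom [root]:
---------------
config endpoint-control fctems
    edit "1"
        set name "ems01.test.com"
        set server "10.34.45.100"
        set https-port 10443
        set status enable
    next
    edit "2"
    next
end
'''

def parse_fctems_dump(text):
    """Return {entry_id: {option: value}} for each edit/next block in the dump."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r'edit\s+"?([^"]+)"?', line)
        if m:
            # Start of a connector entry; blank lines inside it are ignored.
            current = entries.setdefault(m.group(1), {})
        elif line == "next":
            current = None
        elif current is not None and line.startswith("set "):
            parts = line.split(None, 2)
            if len(parts) == 3:
                current[parts[1]] = parts[2].strip('"')
    return entries

def entries_with_settings(text):
    """IDs of connector entries whose settings still appear in the dump."""
    return sorted(k for k, v in parse_fctems_dump(text).items() if v)

if __name__ == "__main__":
    leftover = entries_with_settings(SAMPLE_DUMP)
    print("entries still configured:", leftover or "none")
```

An empty result means every entry in the dump matches the "empty EMS connector profiles" output shown in the article.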