When upgrading the ADOM fails, run the debug and will know which object and value cause an error.

Below is an example, web filter object name g-default has the unwanted value for URLFILTER.

Basically, it is possible to delete the unwanted value from the ADOM database by going to Policy &Object -> Advanced -> CLI configuration.

However, if the GUI shows that the object does not have any value, it is necessary to check from the CLI side.

execute fmpolicy print-adom-object <adom_name> <category> {all | list} <output>

This article focuses on the search web filter profile name g-default.

Somehow, the CLI still detected that URLFILTER has the value. Hence, it is necessary to delete it via the script from FortiManager.

Name: Webfilter g-default
run script on : Policy Package or ADOM Database
Script details :
config webfilter profile
    edit "g-default"
        config web
            unset urlfilter-table
end

After deleting the unwanted value, it will be possible to upgrade the ADOM without having any issues.