Description
This article describes the process of exporting a device list from one FortiManager and editing the JSON file and Import Device List to be used in another FortiManager.
Scope
FortiManager v7.4.
Solution
- Enable the following option:
- In CLI:
config system admin setting
set show-device-import-export enable
end
- In the GUI: Go to System Settings -> Settings. Under Display Options in the GUI, enable 'Show Device List Import/Export Buttons'.
- Navigate to Device Manager -> Device & Groups -> Managed FortiGate -> Export Device List.
- On the next prompt, select whether to download the device list of the current ADOM or all devices and all ADOMs. If all ADOMs are selected, the output file will also contain the ADOM list in JSON form, including the device-to-ADOM relationship.
- The downloaded.dat file is a tarball archive, containing a 'data.json' file with the device details. This archive can be unpacked, and the '.json' file can be viewed and edited if necessary.
- On Linux, use the tar commands to unpack the '.dat' file and view/edit the data.json inside, then repack the tar back the same way when done. For example:
tar -xvzf device_list.dat
data.json
chmod 700 data.json
nano data.json
When ready, save the file again as data.json. After, add the updated data.json back to the archive, overwriting the original:
tar -czvf device_list.dat data.json
- On Windows, install and use the 7-zip file manager to browse the archive and inline edit the JSON file, then close the text editor and select the option to update the changes to the archive when prompted by 7-zip. Note that it may be necessary to associate '.json' with Notepad++ (or other text editors) in advance for the inline edit to work in 7-zip.
Open the '.dat' file with 7-zip File Manager:
After, select the TAR file to open it:
Select the data.json to temporarily open the file in the associated Windows editor (Notepad++ in this example).
This way, the file is open from the temp folder:
After completion, save the file and close the Notepad++ window. On the following message from 7-zip, select 'Yes':
Close the 7-zip File Manager. On the next prompt, select 'Yes' again:
The modified device list can be imported back to FortiManager:
Note:
This feature currently does not work in FortiManager versions up to v7.2.8 when importing v7.0/v7.2 FortiGates with split VDOMs or a multi-VDOM setup.
Note:
An attempt to import a device list containing multiple ADOMs may fail with a 'No Permission' error when the workspace feature is enabled. The solution to this is to temporarily disable the workspace, import the devices, and then enable the workspace again.