The FortiManager Command Line Interface (CLI) command 'diagnose cdb upgrade force-retry add-missing-ref' is used to address issues related to missing references during the upgrade process of the FortiManager Central Database (CDB). It serves as a valuable tool for resolving missing reference issues during Central Database (CDB) upgrades.

Using this command judiciously makes it possible to maintain the integrity of a FortiManager configuration and ensure that references are properly aligned after changes or imports. This command affects the reference table and does not affect any other data. When making changes to the database, try to be as conservative as possible. This command is safe to run in production.

Purpose:

The primary purpose of the command is to handle situations where references to objects or configurations are missing during a FortiManager Central Database (CDB) upgrade. These missing references may occur when objects or configurations have been deleted or modified but are still referenced by other parts of the configuration.

Usage Scenarios:

1. After Configuration Deletion: Upon deleting an object or configuration from FortiManager, references to that object might still exist in other parts of the configuration. Running this command will help the FortiManager identify and resolve these references during a CDB upgrade.
2. Post-Import Configuration Issues: After importing a configuration from a FortiGate device or a different FortiManager, missing references  may be encountered due to differences in the imported configuration. Running this command can assist in aligning the references.

To use the command:

1. Access the FortiManager CLI: Log in to the FortiManager CLI with administrative privileges.
2. Run the Command:

diagnose cdb upgrade force-retry add-missing-ref

3. Review the Output: The command will analyze the Central Database (CDB) and attempt to add missing references. The output will provide information about the actions taken during this process.
4. Verify Configuration: After running the command, it is crucial to verify the configuration to ensure that missing references have been appropriately addressed.

Additional Considerations:

• It is recommended to take a backup of the FortiManager configuration and database before running this command to avoid any unintended consequences.
• Depending on the size and complexity of the configuration, the command may take a while to execute. Be patient and allow the process to complete.

Related article:

Technical Tip: How to troubleshoot integrity issues (or config lost) after the upgrade of FortiManag....