In this example:

• FortiGates are added to adom_name ADOM in FortiManager and the ADOM type is FortiGate.
• FortiAnalyzer is managed by FortiManager.
• FortiGates are added to adom_name ADOM in FortiAnalyzer and the ADOM type is FortiGate.
• FortiAuthenticator is added to the root ADOM in FortiAnalyzer.

1. Take a snapshot of both FortiManager and FortiAnalyzer before migration
2. Migrate adom_name ADOM from FortiGate to fabric in FortiManager:

execute migrate fabric <adom_name>

3. Migrate adom_name ADOM from FortiGate to fabric in FortiAnalyzer:

execute migrate fabric <adom_name>

4. If devices are required to move from root (fabric) to <adom_name> (fabric) in FortiAnalyzer, consider the following:
   • Remove the ADOM lock on FortiAnalyzer using the following command:
     
     

diagnose dvm adom unlock <adom_name>

4. • For FortiAuthenticator, it must be added in the <adom_name> of FortiManager as model device. This will ensure that FortiAuthenticator will not be deleted if a refresh is conducted on devices in FortiManager.

diagnose dvm device list <- Ensure that FortiAuthenticator is showing.

4. • FortiManager cannot be moved from the root ADOM to a new fabric <adom_name> ADOM.
   • Move the device from the root ADOM to <adom_name> within FortiAnalyzer.
     • When a device is moved from one ADOM to another, only the archive logs are transferred while the analytic logs remain in the original ADOM.
     • The analytic logs do not automatically appear in the new ADOM after the device is moved.
     • To access the analytic logs in the new ADOM, the ADOM needs to be rebuilt or reconfigured. See Technical Tip: FortiAnalyzer SQL database delete and rebuild.