idumancic (Staff)
Article Id 414648
Description: This article describes how to fix a FortiPAM HA cluster that reports "out of sync" because of the DLP sensor configuration, even when the DLP settings are left at their defaults.
Scope: FortiPAM 1.6.
Solution

If the FortiPAM device is running version 1.6 in an HA setup, this error can appear after the primary and secondary devices attempt to synchronize.

The error can occur even if the DLP sensor settings (DLP stands for Data Loss Prevention) are left at their defaults:

[Screenshot: HA status page showing "out of sync"]

To ensure that the settings are exactly the same on the primary and the secondary, run these commands on both units and compare the output:

show full dlp sensor
show full dlp settings

By default, on the primary node, 'ssh' is present in these three lines:

set summary-proto http-get http-post ssh
set full-archive-proto http-get http-post ssh
set summary-proto http-get http-post ssh

While it is missing from the same lines on the secondary node:

set summary-proto http-get http-post
set full-archive-proto http-get http-post
set summary-proto http-get http-post
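Comparing the two outputs by eye works for a handful of lines, but a small script catches the difference reliably when the dumps are long. The following is an added example, not part of the article or of FortiPAM: it parses Fortinet-style `config`/`edit`/`set` output from the two HA members and reports every `set` attribute whose value tokens differ, including tokens (such as `ssh`) that exist on the primary but not on the secondary. The two sample dumps are constructed to mirror the lines quoted above and are not real device output.

```python
"""Compare Fortinet-style CLI config dumps from two HA members and report
mismatching 'set' lines.

PRIMARY and SECONDARY below are constructed samples for this example; they
mirror the 'show full dlp sensor' lines quoted in the article ('ssh' present
on the primary, missing on the secondary) and are not real device output.
"""
from typing import Dict, List, Tuple

PRIMARY = """\
config dlp sensor
    edit "default"
        set summary-proto http-get http-post ssh
        set full-archive-proto http-get http-post ssh
    next
end
"""

SECONDARY = """\
config dlp sensor
    edit "default"
        set summary-proto http-get http-post
        set full-archive-proto http-get http-post
    next
end
"""


def parse_set_lines(dump: str) -> Dict[str, List[str]]:
    """Map each 'set <attr>' line to its sorted value tokens, keyed by the
    config path (table/entry/attribute).

    'config' and 'edit' push onto the path, 'next' and 'end' pop, so the same
    attribute under different tables or entries does not collide.
    """
    path: List[str] = []
    result: Dict[str, List[str]] = {}
    for raw in dump.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("config "):
            path.append(line[len("config "):])
        elif line.startswith("edit "):
            path.append(line[len("edit "):].strip('"'))
        elif line in ("next", "end"):
            if path:
                path.pop()
        elif line.startswith("set "):
            parts = line.split()
            key = "/".join(path + [parts[1]])
            # Sort tokens so ordering differences alone are not flagged.
            result[key] = sorted(parts[2:])
    return result


def compare_configs(primary: str, secondary: str) -> Dict[str, Tuple[List[str], List[str]]]:
    """Return {path: (primary_values, secondary_values)} for every 'set'
    attribute whose values differ between the dumps, or which exists on one
    node only (the missing side is reported as an empty list)."""
    p = parse_set_lines(primary)
    s = parse_set_lines(secondary)
    diffs: Dict[str, Tuple[List[str], List[str]]] = {}
    for key in sorted(set(p) | set(s)):
        pv, sv = p.get(key, []), s.get(key, [])
        if pv != sv:
            diffs[key] = (pv, sv)
    return diffs


def missing_on_secondary(primary: str, secondary: str) -> Dict[str, List[str]]:
    """Tokens present on the primary but absent on the secondary, per path.
    For the article's case this yields 'ssh' for each affected attribute."""
    out: Dict[str, List[str]] = {}
    for key, (pv, sv) in compare_configs(primary, secondary).items():
        gap = sorted(set(pv) - set(sv))
        if gap:
            out[key] = gap
    return out


if __name__ == "__main__":
    for key, gap in missing_on_secondary(PRIMARY, SECONDARY).items():
        print(f"{key}: secondary is missing {' '.join(gap)}")
```

To use it against real units, paste the captured output of `show full dlp sensor` (and `show full dlp settings`) from each node into the two string constants, or read them from files; any attribute reported by `missing_on_secondary` is one to bring back into line on the secondary before re-running the HA synchronization.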

Other helpful commands for checking HA status in FortiPAM:

config system ha
get system ha status
diagnose system ha checksum cluster
diagnose system ha checksum test
diagnose system ha checksum recalculate
execute ha synchronize start

For debugging and troubleshooting:

diagnose debug app hasync 255
diagnose debug app hatalk -1
diagnose debug app hasync -1

If none of the commands above brings the HA status in the GUI back into sync, proceed with this solution:

  1. Shut down the primary node.
  2. Use the GUI to connect to the secondary node.
  3. Back up the configuration.
  4. Add 'ssh' to the DLP sensor protocol lines on the secondary node so that they match the primary.
  5. Restore the configuration.
  6. Start the primary node again.