Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Alan7622
New Contributor

Created on ‎08-27-2024 01:28 PM Edited on ‎08-27-2024 01:30 PM

Adom root question

When ADOMs are activated, 

When ADOMs are activated, 

Hello, I'm a beginner and I've activated ADOM in my lab.

I have 2 ADOMs: 

 - ADOM Si1

 - ADOM Si2

 

And a third ADOM that was created automatically. THE ROOT ADOM

There is no policy package in this ADOM.

What is it for?

 

  • Thanks for your help.
Labels:
621
0 Kudos
1 Solution
Toshi_Esumi
SuperUser
SuperUser

Created on ‎08-27-2024 01:49 PM

In the admin guide I keep referring to has very short description about root ADOM.
https://docs.fortinet.com/document/fortimanager/7.2.7/administration-guide/718923/root-adom

It's a quite similar concept with root VDOM on FGTs. It's there even when you don't enable ADOM/VDOM and everything would go in there except "global" stuff. So after you enabled ADOM mode and created other ADOMs, you can still use root ADOM to have real devices and policy&objects if you'd like.

As the admin guide states, all unautorized device would go into root ADOM. So when you try registering another device like FGT, which is already configured and running, it would go into root ADOM. Then you can authorize the device and move it into another ADOM where you want it to be in.

Toshi

View solution in original post

605
0 Kudos
2 REPLIES 2
Toshi_Esumi
SuperUser
SuperUser

Created on ‎08-27-2024 01:49 PM

In the admin guide I keep referring to has very short description about root ADOM.
https://docs.fortinet.com/document/fortimanager/7.2.7/administration-guide/718923/root-adom

It's a quite similar concept with root VDOM on FGTs. It's there even when you don't enable ADOM/VDOM and everything would go in there except "global" stuff. So after you enabled ADOM mode and created other ADOMs, you can still use root ADOM to have real devices and policy&objects if you'd like.

As the admin guide states, all unautorized device would go into root ADOM. So when you try registering another device like FGT, which is already configured and running, it would go into root ADOM. Then you can authorize the device and move it into another ADOM where you want it to be in.

Toshi

606
0 Kudos
tpatel
Staff
Staff

Created on ‎08-27-2024 01:52 PM

Hello Alan, 

 

A root adom is default adom, Unauthorized devices display in the root ADOM. 
https://docs.fortinet.com/document/fortimanager/7.6.0/administration-guide/718923/root-adom

604
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.