download a backup of the config and open it in a text editor. Search for the name of the interface in question and you should see it somewhere else in the config. It's possible that it's being referenced by something that is CLI only, so you may need to change whatever it is from there.
If it's possible to reboot the new firewall (wasn't sure if you meant you weren't allowed to reboot the 600C or the 600D), hook up a laptop to the console, then reboot the FGT while hooked up and see if any errors show in the config.
If you can't reboot it, at least run the following command and see if it recorded any errors:
diagnose debug config-error-log read
Just to confirm, your admin session isn't on the Vlan-400 interface, correct?
And the "something" vdom is not your management vdom?
If you search your config file, do you have any other objects with the same name as any of the problematic objects, like port-agg? Duplicate names can cause some odd problems.
In case it isn't showing up correctly in the dependencies, make sure you've checked the other common references like dns server, dhcp, ntp on the interface, zone, SSID, virtual switches, etc.
Try to look at references another way around by checking to your "something" vdom with:
diag sys checkused system.vdom.name something
Also, have you tried changing the Vlan-400 vdom to root (or some other vlan) prior to attempting to delete it?
Similarly, have you tried changing to port-agg to another vdom beforehand?
And that's about all I can suggest to try before opening a support ticket with Fortinet.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.