Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AlexFeren
New Contributor III

Unable to delete VDOM

Hi Fortigate' rs, using " Fortigate-200B v4.0,build0441,110318 (MR3)" , I am unable to delete VDOM using either CLI or GUI (" delete" is blanked). My accprofile is " super_admin" .
 foo-wan-fg200b # config vdom 
 foo-wan-fg200b (vdom) # delete TSEServices 
 Domain TSEServices: used by admin user, can not delete
 Command fail. Return code -23
and
foo-wan-fg200b (global) # diagnose sys checkused system.vdom.name TSEServices
 entry used by table system.interface:name ' ssl.TSEServices' 
 entry used by table system.admin:name ' cmuser' 
 entry used by table system.vdom-property:name ' TSEServices' 
 
which I believe I shouldn' t have to touch. I' ve searched (full-)configuration for TSEServices string, only finding:
config system admin
 :
         set vdom " TSEServices" 
             config dashboard-tabs
 :
             config dashboard
for " cmuser" and " cmuser2" ; and table entry for " ssl.TSEServices" interface. A bug, or am I missing something?
2 REPLIES 2
ede_pfau
Esteemed Contributor III

Do you mean that " cmuser" and " cmuser2" are defined in the VDOM you' re trying to delete? Or did you configure the dashboard for these users while you were in that VDOM? I' d think that you' ll have to remove all listed references before deleting the VDOM. I' m not sure about the SSL interface (due to lack of information), and your comment " which I believe I shouldn' t have to touch" . Could you comment on that please?

Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
AlexFeren
New Contributor III

Solved... The issue was (as above) " system admin" for " cmuser" and " cmuser2" users had ' set vdom TSEServices' (I have no clue how they got set - I didn' t do it and they were originally ' set vdom root' well before TSEServices was ever created); however, this seems moot because these users also have ' set accprofile " super_admin" ' which should render their vdom setting irrelevant (since " super_admin" accprofile' s ' set scope global' ). So, I ' set vdom root' for both users and was then able to delete the vdom successfully. Seem like a bug to me.
Top Kudoed Authors