Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Malekith
New Contributor

Created on ‎04-02-2025 02:55 AM Edited on ‎04-02-2025 03:00 AM

unable to delete secret in FortiPAM

Hi there,

 

I am in charge of introducing FortiPAM in our Windows domain environment to manage log and secure the access to our servers.

Testing things out I have created some users, groups, targets and secrets (mostly on the same target). Clearing out some of my tests I ran into a problem: Secret Z with ID=1 gave the answer "Failed to delete some of the secrets or folders" (I can click the delete button). 

I tried to delete everything that could be related to it. The situation now is following: 

 

In my personal Folder and in the secrets folder I can see the entry for the secret Z. I have owner permissions on it. In Targets there is only the asociated Target also called Z. The delete button for this is grey and can not be clicked (obviousliy because there is an dependent objekt). 

I thought I could solve my problem with deleting the secret entry in the "secret database" via cli-command but the answer is this:

"SRV-FPA # config secret database

SRV-FPA (database) # get
== [ 1 ]
id: 1 name: Z

SRV-FPA (database) # delete 1
The entry is used by other 3 entries
Command fail. Return code -23"

including the according commands.

Maybe anyone here knows how to find the entries it is used by and how to delete them.

 

Many thanks and kind regards

Labels:
143
0 Kudos
1 Solution
Malekith
New Contributor

Created on ‎04-03-2025 02:16 AM

Problem solved:

 

The dependancys were three earlyer granted requests for approval. They couldn't be deleted via GUI but could through CLI-Command: config secret request (to get into the folder) and purge to delete all entries.

 

If you like to know how to find out the names of the folders in which you can config your objekts:

with the command show while you are in the root folder (so just opened the console) you get all of your system configuration. With some time you can find the commands the system has used to configure for example the secrets or request.

 

With kind regards

 

 

PS: Dear Forti-Support,

       please fix that old requests block the deletion of a secret.

View solution in original post

39
1 REPLY 1
Malekith
New Contributor

Created on ‎04-03-2025 02:16 AM

Problem solved:

 

The dependancys were three earlyer granted requests for approval. They couldn't be deleted via GUI but could through CLI-Command: config secret request (to get into the folder) and purge to delete all entries.

 

If you like to know how to find out the names of the folders in which you can config your objekts:

with the command show while you are in the root folder (so just opened the console) you get all of your system configuration. With some time you can find the commands the system has used to configure for example the secrets or request.

 

With kind regards

 

 

PS: Dear Forti-Support,

       please fix that old requests block the deletion of a secret.

40
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.