PLANT FORTIMANAGER FortiManager ADOM is no longer supported Have you upgraded FortiManager to the latest version and now you can't open your ADOMs, because they are no longer supported? I was in similar situation and I have a solution for that. BARTOSZ 24 OCT 2019 + 3 MIN READ Select an ADOM a ath) =) a (32) eed FortiGate 5.6 FortiGate 5.6 Global Database Global 5.6PLANT _FortiManager ADOM is no longer supported Select an ADOM se I was in similar situation and I have a solution for that. Description Some time ago I wa :ked to perform FortiManager upgrade from 5.6 to 6.2. I followed an upgrade path and performed and intermediate upgrade to 6.0. Once I finished, it turned out that I can't access ADOMs: * root * Global « FortiCarrierPLANT FortiManager ADOM is no longer supported 2483086 enabled FOS 5.0 6 MyADOM Normal Central VPN Console 14.705 G.) 103 enabled FOC 5.0 2 FortiCarrier Normal Policy & Device VPNs 14.705 Ge) 3 enabled FOS 5.0 2 root Normal Central VPN Console 14.705 1@ enabled FOS 5.@ 6 Global Normal Policy & Device VPNs 14.705 End ADOM List- Issue? They are in version 5.2 which is not supported by FMG 6.2. Even if you follow the upgrade path, ADOMs won't be upgraded and you will lose access to them once you finish. Upgrade from GUI Areasonable solution is to perform an upgrade. Just open settings and try to upgrade. ‘Csrge iro ONetwork Bin | Devies “Peet Device a Aerhstetors ‘AName adires Ptr rote ‘lk selec eves forte ee Authentication Serve Click to upgrade Of course, it won't work. You'll receive an error:PLANT —FortiManager ADOM is no longer supported Cora io rece ‘oe pee cons i Aden | oes + sierDevce a ints sane wae = Solution To upgrade affected ADOMs and get rid of the error, you have to reset ADOMs to default settings. If there is any precious configuration you need to preserve, make sure you have a backup. But you did that before upgrading FMG, right? © Before proceeding, make sure that ADOMs are empty. Find and remove all registered and unregistered devices. FéG# diagnose dvm device 1i here are currently 35 devices/vdoms managed TYPE o1D SN HA IP. NAME Ce) unregistered 248856 FGTS®E2222211121 - 10.10.10.1 FGT_KRK modified; conf: out cond: unregiste Led] |- status: de |~ vdom:[3]root ags:® adom:root pkg: [never=4 --- There are currently @ For managed --~ here are currently @ FortiSwitch managed --- There are currently @ Forti€xtender managed --- End device list --- Thave 1 unregistered device FGT_KRK. It has to be removed before I proceed:PLANT ---Deleting device succeeded--- Once ADOM is clear, I can reset it to default and upgrade to the required version (in my environment, version 5.6 is desired): FéG# execute reset adom-settings root 5 6 This operation will delete all the existing data in the ADOM. Do you want to continue FMG# execute res Thi Do you want to continue? ( t adom-settings Forticarrier 5 6 eration will delete all the existing data in the ADOM Now my ADOMs are in version 5.6 (including Global) and errors are gone. Conclusion Before upgrading FortiManager, check its compability with FortiOS and upgrade ADOMs prior to FMG upgrade. This approach will save you time and nerves.PLANT _ FortiManager ADOM is no longer sup, oe a Secured with HSTS Header