Fortinet black logo

Number of allowed ADOMs enforced

Copy Link
Copy Doc ID fac241c6-8ba3-11e9-81a4-00505692583a:312404
Download PDF

Number of allowed ADOMs enforced

Previously, only a warning message would be displayed when the number of ADOMs exceeded the limit for the FortiAnalyzer platform. In 6.2.1, the limit is enforced and Admins can no longer add a new ADOM once the limit has been reached.

When upgrading to 6.2.1, ADOMs exceeding the maximum will be kept, but additional ADOMs cannot be created.

Example of ADOM enforcement using FortiAnalyzer 300F:
  1. Go to System Settings > All ADOMS > Create New.
  2. Add up to 25 new ADOMs.
  3. Attempt to add the 26th ADOM.
    ADOM creation is denied, and an error message is shown stating that the maximum number of ADOMs has been reached.

    The local event log displays the following message:

    itime=2019-08-07 14:42:28 dtime=2019-08-07 14:42:28 dstepid=1 devid=FL-3HF3917900018 msg=ADOM '26' could not be created because maximum number of ADOMs (25) has been reached idseq=23935141621530624 type=event userfrom=GUI(172.16.81.1) adom=26 devname=FL-3HF3917900018 dsteuid=1 itime_t=1565214148 user=admin date=2019-08-07 desc=Device Manager dvm log at warning level level=warning log_id=0022031008 epid=1 session_id=16498 subtype=dvm time=14:42:28 euid=1

Example of upgrading to 6.2.1 with more than the allowed number of ADOMs:
  1. In FortiAnalyzer 300F 6.2.0, add 27 ADOMs.
  2. Upgrade from FortiAnalyzer 6.2.0 to 6.2.1.
    All 27 ADOMs are kept even though the maximum amount allowed in FortiAnalyzer 300F 6.2.1 has been exceeded.
  3. Attempt to add the 28th ADOM.
    ADOM creation is denied, and an error message is displayed stating that the maximum number of ADOMs has been reached.

To view the maximum number of supported ADOMs for your FortiAnalyzer:
  1. Use the CLI command get system status.
    FAZ300F # get system status
    Platform Type                   : FAZ300F
    Platform Full Name              : FortiAnalyzer-300F
    Version                         : v6.2.0-build1137 190802 (Interim)
    Serial Number                   : FL-3HF3917900018
    BIOS version                    : 05000003
    System Part-Number              : P20792-02
    Hostname                        : FAZ300F
    Max Number of Admin Domains     : 25
    Admin Domain Configuration      : Enabled
    FIPS Mode                       : Disabled
    Branch Point                    : 1137
    Release Version Information     : Interim
    Current Time                    : Wed Aug 07 13:51:52 PDT 2019
    Daylight Time Saving            : Yes
    Time Zone                       : (GMT-8:00) Pacific Time (US & Canada).
    x86-64 Applications             : Yes
    Disk Usage                      : Free 3640.44GB, Total 3667.29GB
    File System                     : Ext4
    FortiRecorder Cameras           : 0 active / 6 allowed

Number of allowed ADOMs enforced

Previously, only a warning message would be displayed when the number of ADOMs exceeded the limit for the FortiAnalyzer platform. In 6.2.1, the limit is enforced and Admins can no longer add a new ADOM once the limit has been reached.

When upgrading to 6.2.1, ADOMs exceeding the maximum will be kept, but additional ADOMs cannot be created.

Example of ADOM enforcement using FortiAnalyzer 300F:
  1. Go to System Settings > All ADOMS > Create New.
  2. Add up to 25 new ADOMs.
  3. Attempt to add the 26th ADOM.
    ADOM creation is denied, and an error message is shown stating that the maximum number of ADOMs has been reached.

    The local event log displays the following message:

    itime=2019-08-07 14:42:28 dtime=2019-08-07 14:42:28 dstepid=1 devid=FL-3HF3917900018 msg=ADOM '26' could not be created because maximum number of ADOMs (25) has been reached idseq=23935141621530624 type=event userfrom=GUI(172.16.81.1) adom=26 devname=FL-3HF3917900018 dsteuid=1 itime_t=1565214148 user=admin date=2019-08-07 desc=Device Manager dvm log at warning level level=warning log_id=0022031008 epid=1 session_id=16498 subtype=dvm time=14:42:28 euid=1

Example of upgrading to 6.2.1 with more than the allowed number of ADOMs:
  1. In FortiAnalyzer 300F 6.2.0, add 27 ADOMs.
  2. Upgrade from FortiAnalyzer 6.2.0 to 6.2.1.
    All 27 ADOMs are kept even though the maximum amount allowed in FortiAnalyzer 300F 6.2.1 has been exceeded.
  3. Attempt to add the 28th ADOM.
    ADOM creation is denied, and an error message is displayed stating that the maximum number of ADOMs has been reached.

To view the maximum number of supported ADOMs for your FortiAnalyzer:
  1. Use the CLI command get system status.
    FAZ300F # get system status
    Platform Type                   : FAZ300F
    Platform Full Name              : FortiAnalyzer-300F
    Version                         : v6.2.0-build1137 190802 (Interim)
    Serial Number                   : FL-3HF3917900018
    BIOS version                    : 05000003
    System Part-Number              : P20792-02
    Hostname                        : FAZ300F
    Max Number of Admin Domains     : 25
    Admin Domain Configuration      : Enabled
    FIPS Mode                       : Disabled
    Branch Point                    : 1137
    Release Version Information     : Interim
    Current Time                    : Wed Aug 07 13:51:52 PDT 2019
    Daylight Time Saving            : Yes
    Time Zone                       : (GMT-8:00) Pacific Time (US & Canada).
    x86-64 Applications             : Yes
    Disk Usage                      : Free 3640.44GB, Total 3667.29GB
    File System                     : Ext4
    FortiRecorder Cameras           : 0 active / 6 allowed