Fortinet black logo

CLI Reference

cdb

cdb

Use this command to check and repair or upgrade and repair the object configuration database and global policy assignment table.

Syntax

diagnose cdb check adom-integrity [adom]

diagnose cdb check adom-revision [adom] [preview]

diagnose cdb check policy-packages [adom]

diagnose cdb check update-devinfo logdisk-size [new value] [0 | 1] [model-name]

diagnose cdb check update-devinfo sslvpn-flag <devname>

diagnose cdb upgrade check <action>

diagnose cdb upgrade force-retry <action>

diagnose cdb upgrade log

diagnose cdb upgrade pending-list

diagnose cdb upgrade summary

Variable

Description

check adom-integrity [adom]

Check and repair the specified ADOM's database.

check adom-revision [adom] [preview]

Check or remove invalid ADOM revision database. Optionally, preview the check before running it.

check policy-packages [adom]

Check the policy packages.

check update-devinfo logdisk-size [new value] [0 | 1] [model-name]

Update device log disk size.

  • new value: Item new value.
  • 0 | 1: update only empty values (default), or always update (1)
  • model-name: Only update on model name (default: all models).

check update-devinfo sslvpn-flag <devname>

Upgrade the device SSL-VPN flag on the specified device.

upgrade check <action>

Perform a check to see if upgrade and repair is necessary.

  • objcfg-integrity - Object config database integrity
  • reference-integrity - Reference table integrity
  • object-sequence - Repair invalid object sequence
  • duplicate-uuid - Reassign duplicated uuid in ADOM database
  • resync-dev-vdoms - Resync and add any missing vdoms from device database to DVM database
  • invalid-install-target - Invalid policy package and template install target
  • fw-addr-type - Firewall address wrong FQDN type
  • zone-defmap-intf - Unset invalid defmap-intf field in dynamic zone

upgrade force-retry <action>

Re-run an upgrade that was already performed in previous release.

  • clear-max-policyid - Clear ADOM max_policyid cache
  • refresh-controller-count - Refresh controller license count
  • resync-dbcache - Resync device database cache

upgrade log

Display the configuration database upgrade log.

upgrade pending-list

Display the list of upgrades scheduled for the next reboot.

upgrade summary

Display the firmware upgrade summary.

cdb

Use this command to check and repair or upgrade and repair the object configuration database and global policy assignment table.

Syntax

diagnose cdb check adom-integrity [adom]

diagnose cdb check adom-revision [adom] [preview]

diagnose cdb check policy-packages [adom]

diagnose cdb check update-devinfo logdisk-size [new value] [0 | 1] [model-name]

diagnose cdb check update-devinfo sslvpn-flag <devname>

diagnose cdb upgrade check <action>

diagnose cdb upgrade force-retry <action>

diagnose cdb upgrade log

diagnose cdb upgrade pending-list

diagnose cdb upgrade summary

Variable

Description

check adom-integrity [adom]

Check and repair the specified ADOM's database.

check adom-revision [adom] [preview]

Check or remove invalid ADOM revision database. Optionally, preview the check before running it.

check policy-packages [adom]

Check the policy packages.

check update-devinfo logdisk-size [new value] [0 | 1] [model-name]

Update device log disk size.

  • new value: Item new value.
  • 0 | 1: update only empty values (default), or always update (1)
  • model-name: Only update on model name (default: all models).

check update-devinfo sslvpn-flag <devname>

Upgrade the device SSL-VPN flag on the specified device.

upgrade check <action>

Perform a check to see if upgrade and repair is necessary.

  • objcfg-integrity - Object config database integrity
  • reference-integrity - Reference table integrity
  • object-sequence - Repair invalid object sequence
  • duplicate-uuid - Reassign duplicated uuid in ADOM database
  • resync-dev-vdoms - Resync and add any missing vdoms from device database to DVM database
  • invalid-install-target - Invalid policy package and template install target
  • fw-addr-type - Firewall address wrong FQDN type
  • zone-defmap-intf - Unset invalid defmap-intf field in dynamic zone

upgrade force-retry <action>

Re-run an upgrade that was already performed in previous release.

  • clear-max-policyid - Clear ADOM max_policyid cache
  • refresh-controller-count - Refresh controller license count
  • resync-dbcache - Resync device database cache

upgrade log

Display the configuration database upgrade log.

upgrade pending-list

Display the list of upgrades scheduled for the next reboot.

upgrade summary

Display the firmware upgrade summary.