Partial install pushes only the instructed configuration (JSON API) 7.4.1
FortiManager 7.4.1 supports partial installs to push only the instructed configuration (using JSON API) without other pending changes on the device database to better address the role separation between different admin types.
Example of a partial install using JSON API
-
Make changes to the managed device. In this example, two changes are made:
-
Change the device Idle Timeout setting:
-
Go to Device Manager > Device & Groups and edit a managed device.
-
In System Settings, change the device Idle Timeout setting to 471.
-
-
Change an address in Policy & Objects.
-
Go to Policy & Objects > Policy Packages and edit a policy package.
-
Change an address to
6.6.6.8/32.
-
-
-
Using the FortiManager JSON API, perform a partial install. In this example, only the changes to the address are specified.
{ "method": "exec", "params": [ { "data": { "adom": "root", "objects": [ ["update", "obj/firewall/address/Addr_1", "", ""] ], "flags": 0 }, "url": "securityconsole/install/objects/v2" } ], "session": "4Itgh5MwczfkFt9xmpYZcKVhc0iLvcjWV5XPl71yjxwhEDEIkP4HscHfCdk68yx7p7RGILVkCLAY8QHcc3jl+A==" } { "result": [ { "data": { "task": 22 }, "status": { "code": 0, "message": "OK" }, "url": "securityconsole/install/objects/v2" } ] } -
The install log shows only the address change was installed as intended. The change to the Idle Timeout setting was not installed.
Start installing
FortiGate-VM64 $ config vdom
FortiGate-VM64 (vdom) $ edit root
current vf=root:0
FortiGate-VM64 (root) $ config firewall address
FortiGate-VM64 (address) $ edit "Addr_1"
FortiGate-VM64 (Addr_1) $ set subnet 6.6.6.8 255.255.255.255
FortiGate-VM64 (Addr_1) $ next
FortiGate-VM64 (address) $ end
FortiGate-VM64 (root) $ end
---> generating verification report
<--- done generating verification report
install finished