2) Set the ADOM mode to 'Advanced'.

In Advanced mode, a VDOM from a single FortiGate device can be assigned to a different ADOM.

3) Create a new ADOM (or use any existing ADOM) and move the respective VDOM to the new ADOM, which needs to have separate management access.

System Settings -> All ADOMs -> Create New -> Create a new ADOM and select only the VDOM of the FortiGate that needs to be moved to this new ADOM.

Refer to the sample screenshot below, in which an FGT81E device was first added to the FortiAnalyzer and ADOMs were then enabled in Advanced mode. Later, while creating the new ADOM, the administrator selects the VDOM 'test'.

- The output of the following command displays the FortiGate and its ADOM assignment information:

#diagnose dvm device list

4) Now create an admin user with the required privileges and restrict that user's access to only the specific required ADOM on the FortiAnalyzer.

5) Perform an SQL database rebuild for both the old and the new ADOM. This is required to remove any Analytics logs for that VDOM from the old ADOM, and to create the Analytics database for the respective VDOM on the new ADOM.

- To rebuild the SQL database for a specific ADOM, execute the syntax below:

#execute sql-local rebuild-adom <adom> <----- Input ADOM name to rebuild the SQL database.

- To check the status of the SQL rebuild:

#diag sql status rebuild-adom <adom> <----- Input ADOM name to rebuild the SQL database.