Description
This article describes how to fix the ADOM integrity check error “there exists unapproved workflow session” and how to deal with it when workspace with workflow mode is enabled.
ADOM integrity check is something to run before a firmware upgrade to check the database integrity and it always proposes the corresponding database integrity errors to make the corrections manually in newer version.
Solution
1) Run integrity check for all ADOMs.
Syntax:
Syntax:
3) For the above errors, it means there is still a workflow not being approved; approve it, reject it or discard it in order to pass the integrity check.
Login into GUI, go to ADOM -> Policy & Objects -> Lock the ADOM, 'Session List' will pop-up, look for the session, select that session and 'Approve' or 'Reject' or 'Discard' the session, select 'OK' and unlock the ADOM.
This article describes how to fix the ADOM integrity check error “there exists unapproved workflow session” and how to deal with it when workspace with workflow mode is enabled.
ADOM integrity check is something to run before a firmware upgrade to check the database integrity and it always proposes the corresponding database integrity errors to make the corrections manually in newer version.
Solution
1) Run integrity check for all ADOMs.
Syntax:
# diagnose cdb check adom-integrityExample:
FMG # diagnose cdb check adom-integrity2) Run integrity check for single ADOM.
General updating - adom ADOM_1 ... An error has occured: there exists unapproved workflow session
General updating - adom ADOM_2 ... ..100% No errors
General updating - adom ADOM_3 ... ..100% No errors
General updating - adom ADOM_4 ... ..100% No errors
General updating - adom ADOM_5 ... ..100% No errors
Syntax:
# diagnose cdb check adom-integrity <ADOM name>Example:
FMG # diagnose cdb check adom-integrity ADOM_1If the update check returns an error, contact Fortinet Support for assistance.
General updating - adom ADOM_1 ... An error has occured: there exists unapproved workflow session
3) For the above errors, it means there is still a workflow not being approved; approve it, reject it or discard it in order to pass the integrity check.
Login into GUI, go to ADOM -> Policy & Objects -> Lock the ADOM, 'Session List' will pop-up, look for the session, select that session and 'Approve' or 'Reject' or 'Discard' the session, select 'OK' and unlock the ADOM.
4) Re-run the integrity check for the ADOM that detected with error previously there will not be errors anymore.
Example:
FMG # diagnose cdb check adom-integrity ADOM_15) If there is other error, create a ticket to TAC for assistance and share the config file without encryption during the config file backup from the GUI.
General updating - adom ADOM_1 ... ..100% No errors
