14. ADOM management#
14.1. ADOM creation#
14.1.1. How to create an ADOM?#
The following request creates ADOM NEW_ADOM_001 to manage FortiGate with
version 6.2:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "add",
"params": [
{
"data": {
"desc": "This is a new ADOM",
"mr": 2,
"name": "NEW_ADOM_001",
"os_ver": "6.0"
},
"url": "/dvmdb/adom"
}
],
"session": "tVdUjweRYU4vl6xLy7OMHcC7YzorWKDIJVIEElX6g0xrUqjJyJUfg2mqTsPfYm/+kTNN1RuGMRS/n/krgOZ7EA==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"name": "NEW_ADOM_001"
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/dvmdb/adom"
}
]
}
14.1.2. How to create an ADOM with options not available in symbolic format?#
At the time of this writing, the ADOM option Default Device Selection for
Install exposed in the FortiManager GUI when creating an ADOM isn’t having a
corresponding symbolic value to be used with the FortiManager API in the
corresponding flags attribute.
Internal Reference
0600155
The alternative is to work with a numerical flags attribute as shown below:
Using FortiManager GUI, create a new ADOM, uncheck the Default Device Selection for Install ADOM option
Using FortiManager API,
getthe ADOM and look at the returnedflagsattribute; don’t enable theverboseattribute when doing theget:{ "id": 3, "method": "get", "params": [ { "fields": [ "flags" ], "url": "/dvmdb/adom/dc_copenhagen" } ], "session": "{{ session }}" }
{ "id": 3, "result": [ { "data": { "flags": 2120, "name": "dc_copenhagen", "oid": 3326 }, "status": { "code": 0, "message": "OK" }, "url": "/dvmdb/adom/dc_copenhagen" } ] }
This returned
flagsattribute encodes all the ADOM options along with the Default Device Selection for Install oneYou can use it to create a new ADOM:
{ "id": 3, "method": "add", "params": [ { "data": { "flags": 2120, "mr": 4, "name": "dc_roubaix", "os_ver": "7.0", "restricted_prds": "fos" }, "url": "/dvmdb/adom" } ], "session": "{{ adom }}" }
{ "id": 3, "result": [ { "data": { "name": "dc_roubaix" }, "status": { "code": 0, "message": "OK" }, "url": "/dvmdb/adom" } ] }
14.1.3. How to create an ADOM with existing managed devices?#
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "add",
"params": [
{
"data": {
"desc": "This is a test",
"mr": 4,
"name": "demo_020",
"object member": [
{
"name": "foo_001",
"vdom": "root"
},
{
"name": "foo_002",
"vdom": "root"
}
],
"os_ver": "6.0"
},
"url": "/dvmdb/adom"
}
],
"session": "shoqp0HeZBTYl6jGIscHlnHMfeANXlgIipiZ50qAu7qbztu6oXLU2yRjOAK2e01shwwsZAUsxEo/Oif6ywSgWQ==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"name": "demo_020"
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/dvmdb/adom"
}
]
}
14.1.4. How to clone an ADOM?#
I’m in the dc_amer ADOM, but I want to clone the root ADOM to a new
root_002 ADOM:
{
"id": "1",
"create task": {
"adom": "dc_amer",
"name": "clone ADOM root to root_002"
},
"method": "clone",
"params": [
{
"url": "/dvmdb/adom/root",
"data": {
"name": "root_002"
}
}
],
"session": "{{session}}"
}
Note
You can omit the
create taskcode.In this case, the request will return only when the
cloneoperation will complete.Otherwise, you will have, as usual, to monitor the progress and the final status of the returned task
{
"id": 3,
"result": [
{
"data": {
"task": 8
},
"status": {
"code": 0,
"message": "OK"
}
}
]
}
14.2. How to move a device/VDOM in a new ADOM?#
To move device foo_003 and its VDOM root in the ADOM demo_020:
REQUEST:
{
"id": 1,
"method": "add",
"create task": {
"adom": "demo_020",
},
"params": [
{
"data": [
{
"name": "foo_003",
"vdom": "root"
}
],
"url": "/dvmdb/adom/demo_020/object member"
}
],
"session": "LcJsZ5G6ItjdbEUqiLMEr/X1uRzFynmvckQgL5QwBWSf2WNs3SlUpdju9bvZq+JlKj3Pgg7jY8Xpfm9y/NpWEg==",
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"task": 612
},
"status": {
"code": 0,
"message": "OK"
}
}
]
}
14.3. How to get an ADOM checksum?#
See section devinfo.
14.4. How to manage the ADOM and Device Display Options?#
Starting with FMG 7.0.1 (#0716016), FMG JSON RPC API introduces new endpoints.
The only important item of interest is that the prefix URL also changed from:
https://{fmg_ip}/jsonrpc
to:
https://{fmg_ip}/jsonrpc-ui
The new endpoints:
14.4.1. To get the display options for a specific ADOM#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "get",
"params": [
{
"url": "/ui/config/adom/root/customize"
}
]
}
14.4.2. To set the display options for a specific ADOM#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "set",
"params": [
{
"url": "/ui/config/adom/root/customize",
"data": [
{
"pnoCustomize": ["fws", "wafprof"],
"dvmCustomize": ["dashboard", "interface"]
}
]
}
]
}
Note
Not that it’s also possible to set the ADOM display options for all devices
here (see dvmCustomize attribute).
14.4.3. To get the display options for the global ADOM#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "get",
"params": [
{
"url": "/ui/config/global/customize"
}
]
}
14.4.4. To set the display options for the global ADOM#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "set",
"params": [
{
"url": "/ui/config/global/customize",
"data": [
{
"pnoCustomize": ["fws", "wafprof"],
}
]
}
]
}
14.4.5. To get the display options for a specific device#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "get",
"params": [
{
"url": "/ui/config/adom/root/device/FGT100000/customize"
}
]
}
14.4.6. To set the display options for a specific device#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "set",
"params": [
{
"url": "/ui/config/adom/root/device/FGT100000/customize",
"data": [
{
"customize": ["KW_local", "dashboard", "interface", "dhcpsvr_all", "modem", "snmp", "replacemsg", "staticroute_all"]
}
]
}
]
}
14.4.7. To get the display options for a specific VDOM#
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "get",
"params": [
{
"url": "/ui/config/adom/root/device/FGT100001/vdom/root/customize"
}
]
}
{
"id": 10,
"session": "xxxxxxxxxxx",
"method": "set",
"params": [
{
"url": "/ui/config/adom/root/device/FGT100000/vdom/root/customize",
"data": [
{
"customize": ["KW_local", "dashboard", "interface", "dhcpsvr_all", "modem", "snmp", "replacemsg", "staticroute_all"]
}
]
}
]
}
14.5. How to figure out whether an ADOM is used by some Global Policy Packages from Global ADOM?#
We can use the FortiManager JSON RPC API url:
/pm/config/adom/{adom}/_adom/options
In this first example, our ADOM demo is simply not referenced by any Global
Policy Packages:
REQUEST:
{
"id": 3,
"method": "get",
"params": [
{
"url": "/pm/config/adom/demo/_adom/options"
}
],
"session": "XmlYqsuf6Z2meBVDBZJGTlBaFPQUxOH0Utc//OWid+NwfB6wr60cNqlrU/6zFO9STLC/bw9t+T9u7rxOrg/fRw==",
"verbose": 1
}
RESPONSE:
{
"id": 3,
"result": [
{
"data": [],
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/demo/_adom/options"
}
]
}
In this second example, our ADOM demo is assigned to Global Policy Package
default:
REQUEST:
{
"id": 3,
"method": "get",
"params": [
{
"url": "/pm/config/adom/demo/_adom/options"
}
],
"session": "o0r5MVWBIzynzu+vdkyYXRUzeK4VlFE86mal8JMK2E/TBFSaY+CEoAaglXHwYL9082ukcNgq4UIFXwGkbUrqQw==",
"verbose": 1
}
RESPONSE:
{
"id": 3,
"result": [
{
"data": [
{
"name": "__gpkg__3784",
"oid": 3763,
"pkg list": []
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/demo/_adom/options"
}
]
}
In the above output, we can see that ADOM demo is assigned with a global
policy package with OID 3784.
Note
We can obtain the corresponding global policy package name using the following FMG CLI command:
execute fmpolicy print-adom-package Global 1 ?
In our case, we’re getting the following output:
ID <package name>
3784 name=default, pathname=default
This output confirms our ADOM demo is assigned with Global Policy
Package default.
Note
We can also obtain that same information using the FortiManager JSON RPC API url:
/pm/pkg/global
For instance:
REQUEST:
{
"id": 3,
"method": "get",
"params": [
{
"url": "/pm/pkg/global"
}
],
"session": "v8G4nDQU8DE/y3MIOjoizD8tpS3hF1deP7LvaFx3VtEDeLWrnKkR+ccxlYlajW5/UgmGZ+NPwDQ3q6lRbDju4Q==",
"verbose": 1
}
But we will have to parse the returned list of policy package in order to
select the one with the OID of interest (filter doesn’t work on url
/pm/pkg/global).
In this third example, we have:
Global Policy Package
g_ppkg_001is assigned with policy packageppkg_001from ADOMdemoGlobal Policy Package
g_ppkg_002is assigned with policy packageppkg_002from ADOMdemo
Note
This is possible since FortiManager 7.0.1.
REQUEST:
{
"id": 3,
"method": "get",
"params": [
{
"url": "/pm/config/adom/demo/_adom/options"
}
],
"session": "3ibSO2PJgH4HZiTJbefN4Y85hs2o1w7RXi3Qas/LewtkQGrj6yLWiak5wrwn3lewnUpurFp0ku+zYti9V3zxew==",
"verbose": 1
}
RESPONSE:
{
"id": 3,
"result": [
{
"data": [
{
"name": "__gpkg__3832",
"oid": 3773,
"pkg list": [
{
"name": "ppkg_002",
"oid": 3767
}
],
"specify_assign_pkg_list": "enable"
},
{
"name": "__gpkg__3830",
"oid": 3775,
"pkg list": [
{
"name": "ppkg_001",
"oid": 3765
}
],
"specify_assign_pkg_list": "enable"
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/demo/_adom/options"
}
]
}
In this fourth example, we have:
Global Policy Package
g_ppkg_001is assigned to ADOMdemowith policy package exclusion set for policy packagesdefaultandppkg_002Global Policy Package
g_ppkg_002is assigned to ADOMdemowith policy package exclusion set for policy packagesdefaultandppkg_001
REQUEST:
{
"id": 3,
"method": "get",
"params": [
{
"url": "/pm/config/adom/demo/_adom/options"
}
],
"session": "9qjuMZBW+8nQEwxgh6FAfBfkB7xGNPtAmRc7joj406vIo2yha/YcaJzG85olGPoAAdfL7mUGCRokr6ULrk4WTQ==",
"verbose": 1
}
RESPONSE:
{
"id": 3,
"result": [
{
"data": [
{
"assign_excluded": "enable",
"name": "__gpkg__3832",
"oid": 3773,
"pkg list": [
{
"name": "default",
"oid": 3746
},
{
"name": "ppkg_001",
"oid": 3765
}
],
"specify_assign_pkg_list": "enable"
},
{
"assign_excluded": "enable",
"name": "__gpkg__3830",
"oid": 3775,
"pkg list": [
{
"name": "default",
"oid": 3746
},
{
"name": "ppkg_002",
"oid": 3767
}
],
"specify_assign_pkg_list": "enable"
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/demo/_adom/options"
}
]
}
14.6. How to get the ADOM limit details?#
This call was captured during a GUI debug of recent FMG, but we’re not able to get anything else, in term of output, than the one presented below:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "get",
"params": [
{
"url": "/dvmdb/query/adomlimit"
}
],
"session": "USTJ6sCgfrmrv8JvbZAaYFRapMy6zKNMu5F7yOs7LATLMz9mgcTOoVIy1x5D9iWi8n/A2+LkhPAwvpI4OXV1LA==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"max": 0,
"warning": 0
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/dvmdb/query/adomlimit"
}
]
}
14.7. ADOM Revision#
14.7.1. How to get list of ADOM revisions?#
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "get",
"params": [
{
"url": "/dvmdb/adom/demo/revision"
}
],
"session": "v/iHml/z33LbEmRgQ9MUbOpk7IQ+ncRag86In+8CscssR+5ppAH5DmSlT1tMTB//UEPzhDjbrYt1bIHFzXBXaQ==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": [
{
"created_by": "devops",
"created_time": 1626787333,
"desc": "Copy to devices SUCCESS on Tue Jul 20 15:22:13 2021\n",
"locked": 0,
"name": "pre_tc_001",
"oid": 193,
"version": 1
},
{
"created_by": "devops",
"created_time": 1626787398,
"desc": "Copy to devices SUCCESS on Tue Jul 20 15:23:18 2021\n",
"locked": 0,
"name": "pre_tc_001",
"oid": 194,
"version": 2
},
{
"created_by": "devops",
"created_time": 1626787566,
"desc": "Copy to devices SUCCESS on Tue Jul 20 15:26:06 2021\n",
"locked": 0,
"name": "main_tc_001",
"oid": 195,
"version": 3
},
{
"created_by": "devops",
"created_time": 1626793953,
"desc": "Copy to devices SUCCESS on Tue Jul 20 17:12:33 2021\n",
"locked": 0,
"name": "pre_tc_001",
"oid": 196,
"version": 4
},
{
"created_by": "devops",
"created_time": 1626794001,
"desc": "Copy to devices SUCCESS on Tue Jul 20 17:13:21 2021\n",
"locked": 0,
"name": "main_tc_001",
"oid": 197,
"version": 5
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "/dvmdb/adom/demo/revision"
}
]
}
14.7.2. How to diff an ADOM revision with current configuration?#
First, we have to start the diff process by obtaining a token.
We want to diff the current configuration for ADOM demo with revision number 3:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"data": {
"dst": "adom/demo",
"src": "adom/demo/revision/3"
},
"url": "/cache/diff/start"
}
],
"session": "u7BuIVsGJhGLOvVhsnRFoM1jIpPdq/0kArzP1+RUuMKWeNXr8Gn/IJ5qCZiMfZwf66DAabsO+HhOkNT2nICZoQ==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"token": "tyPyMomT3WqkYN8/WtD6zg=="
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/cache/diff/start"
}
]
}
With the returned token, we can now ask for the summary report.
We have to keep asking for it as long as the percent attribute isn’t
returned with value 100:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"token": "tyPyMomT3WqkYN8/WtD6zg==",
"url": "/cache/diff/get/summary"
}
],
"session": "u7BuIVsGJhGLOvVhsnRFoM1jIpPdq/0kArzP1+RUuMKWeNXr8Gn/IJ5qCZiMfZwf66DAabsO+HhOkNT2nICZoQ==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"obj": {
"changed": 1,
"summary": [
{
"category": 142,
"changed": [
{
"name": "src_grp_001",
"timestamp": 1626794085,
"user": "devops"
}
]
}
]
},
"percent": 37,
"pkg": {
"changed": 1,
"summary": [
{
"category": 0,
"changed": [
{
"name": "ppkg_001",
"percent": 100,
"scope member": [
{
"name": "device_01",
"vdom": "vd_01"
}
],
"timestamp": 1626795461,
"user": "admin"
}
]
}
]
}
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/cache/diff/get/summary"
}
]
}
The returned percent attribute isn’t 100. So we have to keep asking…
Finally, when percent attribute reaches 100, we can ask for the
detailed object diff report:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"token": "tyPyMomT3WqkYN8/WtD6zg==",
"url": "cache/diff/get/detail/obj/all objs"
}
],
"session": "u7BuIVsGJhGLOvVhsnRFoM1jIpPdq/0kArzP1+RUuMKWeNXr8Gn/IJ5qCZiMfZwf66DAabsO+HhOkNT2nICZoQ==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": [
{
"category": 142,
"data": [
{
"_image-base64": null,
"allow-routing": 0,
"color": 1,
"comment": "Created with FortiManager Ansible",
"diff_flag": 2,
"exclude": 0,
"exclude-member": [],
"member": {
"n": [
"\"host_10.0.0.1\"",
"\"host_10.0.2.1\"",
"\"host_10.0.4.1\""
],
"o": [
"\"host_10.0.0.1\"",
"\"host_10.0.2.1\""
]
},
"name": "src_grp_001",
"timestamp": 1626787596,
"user": "devops",
"uuid": "f2faf34a-e94d-51eb-1263-26d6de6ec083",
"visibility": 1
}
]
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "cache/diff/get/detail/obj/all objs"
}
]
}
We can also ask for the detailed firewall policy diff report:
REQUEST:
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"token": "waIVmBKE/i1jGN8NJUV6Zw==",
"url": "/cache/diff/get/summary/pkg/ppkg_001"
}
],
"session": "giMkvu5P0wHNQ2qlN+YvuqYZTR+xvrmSWKUZNlAF01QxDVeB2OJa9U+9BlwIAwYwc1GGxYYBLykGkxsRED5f2w==",
"verbose": 1
RESPONSE:
{
"id": 1,
"result": [
{
"data": {
"obj": {
"changed": 1,
"summary": [
{
"category": 181,
"changed": [
{
"name": 6,
"obj seq": 2,
"timestamp": 1626795461,
"user": "admin"
}
],
"size": 4
},
{
"category": 1103,
"size": 1
}
]
},
"percent": 100
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/cache/diff/get/summary/pkg/ppkg_001"
}
]
}
Here as well, it will be required to wait for the main percent attribute to
get returned with value 100.
The category 181 is for the firewall policy. This is why we’re asking
for the firewall policy report detail:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"fields": [
"action",
"app-category",
"app-group",
"application",
"application-list",
"auto-asic-offload",
"av-profile",
"capture-packet",
"comments",
"diffserv-forward",
"diffserv-reverse",
"diffservcode-forward",
"disclaimer",
"dlp-sensor",
"dnsfilter-profile",
"dstaddr",
"dstaddr-negate",
"dstintf",
"emailfilter-profile",
"fixedport",
"fsso-groups",
"global-label",
"groups",
"icap-profile",
"inspection-mode",
"internet-service",
"internet-service-custom",
"internet-service-custom-group",
"internet-service-group",
"internet-service-id",
"internet-service-negate",
"internet-service-src",
"internet-service-src-custom",
"internet-service-src-custom-group",
"internet-service-src-group",
"internet-service-src-id",
"internet-service-src-negate",
"ippool",
"ips-sensor",
"label",
"logtraffic",
"logtraffic-start",
"name",
"nat",
"per-ip-shaper",
"policyid",
"poolname",
"profile-group",
"profile-protocol-options",
"profile-type",
"replacemsg-override-group",
"schedule",
"service",
"service-negate",
"srcaddr",
"srcaddr-negate",
"srcintf",
"ssl-ssh-profile",
"status",
"tos",
"tos-mask",
"traffic-shaper",
"traffic-shaper-reverse",
"url-category",
"users",
"utm-status",
"uuid",
"voip-profile",
"vpntunnel",
"waf-profile",
"webfilter-profile",
"webproxy-forward-server",
"_created timestamp",
"_last-modified-by",
"_modified timestamp",
"extra info",
"scope member",
"visibility"
],
"token": "waIVmBKE/i1jGN8NJUV6Zw==",
"url": "/cache/diff/get/detail/pkg/ppkg_001/firewall/policy"
}
],
"session": "giMkvu5P0wHNQ2qlN+YvuqYZTR+xvrmSWKUZNlAF01QxDVeB2OJa9U+9BlwIAwYwc1GGxYYBLykGkxsRED5f2w==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"data": [
{
"action": 1,
"app-category": [],
"app-group": [],
"application": [],
"application-list": [],
"auto-asic-offload": {
"n": 1,
"o": 1
},
"av-profile": [],
"capture-packet": 0,
"comments": {
"n": "Created with FortiManager Ansible\nTest #001",
"o": "Created with FortiManager Ansible"
},
"diff_flag": 2,
"diffserv-forward": 0,
"diffserv-reverse": 0,
"diffservcode-forward": "000000",
"disclaimer": 0,
"dlp-sensor": [],
"dnsfilter-profile": [],
"dstaddr": [
"\"dst_grp_001\""
],
"dstaddr-negate": 0,
"dstintf": [
"\"any\""
],
"emailfilter-profile": [],
"fixedport": 0,
"fsso-groups": [],
"global-label": "section_title_002",
"groups": [],
"icap-profile": [],
"inspection-mode": 1,
"internet-service": 0,
"internet-service-custom": [],
"internet-service-custom-group": [],
"internet-service-group": [],
"internet-service-id": [],
"internet-service-negate": 0,
"internet-service-src": 0,
"internet-service-src-custom": [],
"internet-service-src-custom-group": [],
"internet-service-src-group": [],
"internet-service-src-id": [],
"internet-service-src-negate": 0,
"ippool": 0,
"ips-sensor": [],
"label": null,
"logtraffic": 3,
"logtraffic-start": 0,
"name": "Test rule #001",
"nat": 0,
"obj seq": 2,
"per-ip-shaper": [],
"policyid": 6,
"poolname": [],
"profile-group": [],
"profile-protocol-options": {
"n": [],
"o": [
"default"
]
},
"profile-type": 0,
"replacemsg-override-group": [],
"schedule": [
"\"always\""
],
"service": [
"\"svc_grp_001\""
],
"service-negate": 0,
"srcaddr": [
"\"src_grp_001\""
],
"srcaddr-negate": 0,
"srcintf": [
"\"any\""
],
"ssl-ssh-profile": [
"\"no-inspection\""
],
"status": 1,
"timestamp": 1626795461,
"tos": "0x00",
"tos-mask": "0x00",
"traffic-shaper": [],
"traffic-shaper-reverse": [],
"url-category": [],
"user": "admin",
"users": [],
"utm-status": 0,
"uuid": "03cb89e0-e96d-51eb-e0ea-e0db81318e00",
"voip-profile": [],
"vpntunnel": [],
"waf-profile": [],
"webfilter-profile": [],
"webproxy-forward-server": []
}
],
"status": {
"code": 0,
"message": "OK"
},
"url": "/cache/diff/get/detail/pkg/ppkg_001/firewall/policy"
}
]
}
Always good to end the diff task:
REQUEST:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"token": "tyPyMomT3WpgsFsoTYvmQg==",
"url": "cache/diff/end"
}
],
"session": "fLoOiuwn9alZYE/UhPil1anzDZ4xwtlJthKeieG9cXdnwswu0JcWIHw+Cb97+oRv1uIhjj9yfyYi/srsSVMOCw==",
"verbose": 1
}
RESPONSE:
{
"id": 1,
"result": [
{
"status": {
"code": 0,
"message": "OK"
},
"url": "cache/diff/end"
}
]
}
14.7.3. How to revert an ADOM Revision?#
Reverting to a specific ADOM Revision version is as simple as cloning it.
First, you need to get the version of the ADOM Revision you want to revert.
See section How to get list of ADOM revisions?.
Then to revert ADOM Revision version 1 from the dc_emea ADOM, you can
use the following clone operation:
{
"id": 3,
"method": "clone",
"params": [
{
"data": {
"created_by": "admin",
"created_time": 1697462692,
"desc": "Revert of ADOM Revision #1",
"locked": 0,
"name": "Restored-rev_001_002"
},
"url": "/dvmdb/adom/dc_emea/revision/1"
}
],
"session": "{{session}}"
}
Note
created_timeis current time in epoch formatlockedis when you want to protect the cloned ADOM Revision from deletion.If set to
1, the created ADOM Revision will be cloned and couldn’t be deleted.
{
"id": 3,
"result": [
{
"data": {
"version": 4
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/dvmdb/adom/dc_emea/revision/1"
}
]
}
Note
The returned
versionis the version of the created ADOM Revision
14.8. How to upgrade an ADOM?#
From #0764328.
REQUEST:
{
"id": 16,
"method": "exec",
"params": [
{
"url": "/pm/config/adom/ADOM_62_to_64/_upgrade"
}
],
"session": "...",
"verbose": 1
}
RESPONSE:
{
"id": 16,
"result": [
{
"data": {
"task": 97
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/pm/config/adom/ADOM_62_to_64/_upgrade"
}
]
}