Hot!Fortimanager- Push to device- Partial Install enable- not working

Author
ss198939@gmail.com
Bronze Member
  • Total Posts : 29
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/01/26 05:12:04
  • Status: offline
2018/02/28 10:49:30 (permalink)
0

Fortimanager- Push to device- Partial Install enable- not working

Hi Dear,

i have enabled partial install via CLI. as per below link. but now also i am not able to push any newly created object.
like i have created new LDAP object and i want that should go to the firewall which i have added by per device mapping. i am getting error there is not install device.

http://help.fortinet.com/...00_Push%20an%20object.
#1
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 11:05:07 (permalink)
0
Any object you wish to install with partial install must be referenced in the policy package associated with that device.  If that is the case and you still get an error, can you provide the exact syntax of your error?
#2
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 11:07:43 (permalink)
0
For more information, see Push to Device
 
#3
ss198939@gmail.com
Bronze Member
  • Total Posts : 29
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/01/26 05:12:04
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 11:15:15 (permalink)
0
chall_FTNT thanks for quick answer. it was never expected that much quick response.
what i understood is :- if i am creating any object then i need to call that object in policy. otherwise it will show the same error.
 
so what is the use of partial install. because earlier also i have to call the newly created object in policy then it got reflected in firewall.
#4
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 11:34:22 (permalink)
0
One of the benefits of partial-install is the ability to push an object to many devices even if those devices do not all share the same policy package.  The feature was first added for customers who wanted to push modified URL lists quickly to a large # of managed FortiGates.
#5
ss198939@gmail.com
Bronze Member
  • Total Posts : 29
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/01/26 05:12:04
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 11:59:26 (permalink)
0
Then what is the purpose of per device mapping. When creating object. I am not sure but I think this also serve same kind of purpose.

Thanks for the above response.
#6
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/02/28 13:05:48 (permalink)
0
Per device mapping is needed if the value of the ADOM object is going to be different on a particular device than the default value.
#7
ss198939@gmail.com
Bronze Member
  • Total Posts : 29
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/01/26 05:12:04
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/03/01 03:37:26 (permalink)
0
My requirement is that i have created ldap server. Now i only want it to be used for fortigate authentication. I want to add user with ldap option. But i don't want to create any policy because my motive is not user authentication for internet access. I want 3 user to be in a restricted group for loging to firewall. And 1 in superadmin right. For this k have created group in ad. Now i want to create ldap admin account. And push to fortigate

Attached Image(s)

#8
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/03/01 08:39:47 (permalink)
5 (1)
For some objects, the requirement for the object to be referenced in a policy package is waived for regular policy package installs.  Remote servers are one such example.  However, the remote server must still be referenced by an admin user.
 
The exception may not apply to partial install.
#9
chall_FTNT
skyhigh
  • Total Posts : 231
  • Scores: 19
  • Reward points: 0
  • Joined: 2003/11/28 16:19:30
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/03/01 08:42:40 (permalink)
0
For a comment regarding this exception to the rule of requiring direct references during policy package install, see this page in the FortiManager online guide:
Install a policy package
 
The list of exceptions is not exhaustive however & so does not mention LDAP server specifically.
 
#10
ss198939@gmail.com
Bronze Member
  • Total Posts : 29
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/01/26 05:12:04
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/03/01 09:01:35 (permalink)
0
Hi,
thanks for your continous replies.
 
i got answer of my question. i was not able to find administrator option of fortigate firewall in fortimanager.
then i searched that we need to enable that option manually by going to device manager:-> customize. and click on administrator option. and after that we can see that option and apply ldap in newly created admin user. which you also mentioned in your comment. thanks
#11
MERANA
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/02/01 09:51:48
  • Status: offline
Re: Fortimanager- Push to device- Partial Install enable- not working 2018/03/04 02:41:21 (permalink)
0
make sure its not created as dynamic object if it is then you have to go into the edit of the object and map to device. after doing so if you push it will show you in the push config of FG
#12
Jump to:
© 2018 APG vNext Commercial Version 5.5