Policy and Objects – FortiManager 5.2

Policy & Objects

The Policy & Objects tab enables you to centrally manage and configure the devices that are managed by the FortiManager unit. This includes the basic network settings to connect the device to the corporate network, antivirus definitions, intrusion protection signatures, access rules, and managing and updating firmware for the devices.

If the administrator account you logged on with does not have the appropriate permissions, you will not be able to edit or delete settings, or apply any changes. Instead you are limited to browsing. To modify these settings, see Profile.

If workspace is enabled, all policies and objects are read-only until you lock the ADOM. After making any changes you must select the save icon. When unlocking the ADOM, before the save action has been selected, a warning message will open advising you that you have unsaved configuration changes. You can select to save the changes from the warning message dialog box. Alternatively, you can select to lock and edit a specific policy package in the ADOM.

ADOM level policies and objects

The following options are available:

policy package Select to access the policy package menu. The menu options are the same as the the right-click menu options.

About policies

Policy Select to create a new policy.
Tools Select and then select either ADOM Revisions or Display Options from the menu.
Collapse All / Expand


Select to collapse or expand all policies.

In v5.0.5 and earlier, if workspace is enabled, an ADOM must be locked before any changes can made to policy packages or objects. See Concurrent ADOM access for information on enabling or disabling workspace.

In v5.2.0 and later, if workspace is enabled, you can select to lock and edit the policy package in the right-click menu. You do not need to lock the ADOM first. The policy package lock status is displayed in the toolbar.

Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

5 thoughts on “Policy and Objects – FortiManager 5.2

  1. Question about ADOMs. In previous versions of FortiOS 4.3 maybe earlier. When you had multiple devices under an ADOM the policies and objects were clearly separated per device being managed. With the newer FortiOS it seems as though there is overlapping and my policies and objects seem to be cross contaminated between devices. What is your perspective on this and/or work around? Thank you in advance – Richard

  2. I have an issue for deleting the V4.2 ADOMs from FMG V5.2 getting the below error.

    Some ADOM(s) were not deleted successfully because they are not empty

    But those ADOMs are not used anywhere. How to find out where it is used?

    No admin accounts having access to the ADOM, No policy package for the ADOM.

    • Usually, it experiences this issue because something somewhere is still referencing it. Whether that item be a policy package as you mentioned before or a group etc.

  3. Is there any possibilities to find out the references for that ADOM on the FMG.

Leave a Reply

Name *
Email *