Administrative Domains
When ADOMs are enabled, the Device Manager tab has collapsible ADOM navigation, where all of the ADOMs are displayed in the tree menu on the left of the interface. The devices within each ADOM are shown in the default All FortiGate group. When ADOMs are disabled, the tree menu simply displays All FortiGates, All Log Arrays, and Unregistered Devices, if there are any. Non-FortiGate devices are grouped into their own specific ADOMs.
ADOMs are not enabled by default, and enabling and configuring the domains can only be performed by the admin administrator. The maximum number of ADOMs you can add depends on the specific FortiAnalyzer system model. Please refer to the FortiAnalyzer datasheet for information on the maximum number of devices and ADOMs that your model supports.
The number of devices within each group is shown in parentheses next to the group name.
| ADOMs must be enabled to support FortiMail and FortiWeb logging and reporting. When a FortiMail or FortiWeb device is promoted to the DVM table, the device is added to their respective default ADOM and will be visible in the left tree menu. See “To enable the ADOM feature:” below. |
| You cannot create a new FortiMail or FortiWeb ADOM. Go to System Settings > All ADOMs to view all default and configured ADOMs on your FortiAnalyzer device. This page displays all the devices associated with each ADOM. |
| FortiGate and FortiCarrier devices cannot be grouped into the same ADOM. FortiCarrier devices are added to a specific default FortiCarrier ADOM. |
To enable the ADOM feature:
1. Log in as admin.
2. Go to System Settings > Dashboard.
3. In the System Information widget, select Enable next to Administrative Domain.
4. Select OK in the confirmation dialog box to enable ADOMs.
To disable the ADOM feature:
1. Remove all log devices from all non-root ADOMs.
2. Delete all non-root ADOMs, by right-clicking on the ADOM in the tree menu in the Device Manager tab and selecting Delete from the pop-up menu.
3. Go to System Settings > Dashboard.
4. In the system information widget, select Disable next to Administrative Domain.
5. Select OK in the confirmation dialog box to disable ADOMs.