Fortinet black logo

Administration Guide

Home FortiManager 7.2.2 Administration Guide

ADOM-level metadata variables

7.2.2
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.1
4.3.0
4.2.9
4.2.8
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.1.0
4.0.3
4.0.2
4.0.1
4.0.0
Copy Link
Copy Doc ID 685e995b-337a-11ed-9d74-fa163e15d75b:478643
Download PDF

ADOM-level metadata variables

ADOM-level metadata variables can be used as variables in scripts, templates, firewall address objects, IP pools, and VIPs.

You can configure ADOM-level metadata variables in Policy & Objects > Object Configurations > Advanced > Metadata Variables. Metadata variables configured in this way are only available in the ADOMs in which they were created.

ADOM-level metadata variables can also be created in the Global Database ADOM. When creating ADOM-level metadata variables in the Global Database, you can configure per-ADOM mapping to assign specific values to all devices within an ADOM.

Using the More option in the toolbar, you can clone, group, import, and export metadata variables, as well as see where they are being used.

Note

You must enable the visibility of this feature in Policy & Objects before it can be configured. To toggle feature visibility, go to Policy & Objects > Tools > Feature Visibility, and add or remove a checkmark for the corresponding feature.
To create an ADOM-level metadata variable:
  1. Go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  2. Click Create New.
    The Create New Metadata Variables window opens.
  3. Enter the following information:
    NameEnter a name for the metadata variable.
    DescriptionOptionally, enter a description.
    Default ValueSet the default value for the variable. The default value is used whenever a per-device mapping is unavailable.

    Per-ADOM Mapping

    This setting is only available in the Global Database ADOM.

    Toggle ON to enable per-ADOM mapping. When enabled, click Create New to map an ADOM to a Value. This value will be applied to all devices in the selected ADOM.

    Per-Device Mapping

    This setting is not available in the Global Database ADOM.

    Toggle ON to enable per-device mapping. When enabled, you can configure specific value for each device by clicking Create New beneath Per-Device Mapping and specifying the Mapped Device and Value.

    Revision

    Enter a change note.

  4. Click OK to save the metadata variable.
    You can now use the ADOM's configured variable(s) in provisioning templates created in Device Manager.
    To configure metadata variable device assignment from the Device Manager, right-click on a managed device in the table and click Edit Variable Mapping.
To export and import metadata variables:
  1. Go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  2. Select More in the toolbar and click Export Metadata Variables.
    The metadata variables are exported into a JSON format file.
  3. In a second ADOM, go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  4. Select More from the toolbar and click Import Metadata Variables.
  5. Browse to your exported JSON file, or drag and drop it into the file selector, and click Import.
To use a metadata variable in dynamic objects:
  1. Go to Policy & Objects > Object Configurations.
  2. Create or edit a Firewall Address, IP Pool, or Virtual IP object.
  3. Add the metadata in a text field using the following format: $<metadata_variable_name> .
    When $ is typed into a supported text field, available metadata variables are displayed for selection. You can click the add button to create a new metadata variable.

    For example, when creating a firewall address, you can use a meatadata variable in the IP/Netmask field.

    When using metadata variables in an object, per-device mappings are no long requried.
Previous
Next

ADOM-level metadata variables

ADOM-level metadata variables can be used as variables in scripts, templates, firewall address objects, IP pools, and VIPs.

You can configure ADOM-level metadata variables in Policy & Objects > Object Configurations > Advanced > Metadata Variables. Metadata variables configured in this way are only available in the ADOMs in which they were created.

ADOM-level metadata variables can also be created in the Global Database ADOM. When creating ADOM-level metadata variables in the Global Database, you can configure per-ADOM mapping to assign specific values to all devices within an ADOM.

Using the More option in the toolbar, you can clone, group, import, and export metadata variables, as well as see where they are being used.

Note

You must enable the visibility of this feature in Policy & Objects before it can be configured. To toggle feature visibility, go to Policy & Objects > Tools > Feature Visibility, and add or remove a checkmark for the corresponding feature.
To create an ADOM-level metadata variable:
  1. Go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  2. Click Create New.
    The Create New Metadata Variables window opens.
  3. Enter the following information:
    NameEnter a name for the metadata variable.
    DescriptionOptionally, enter a description.
    Default ValueSet the default value for the variable. The default value is used whenever a per-device mapping is unavailable.

    Per-ADOM Mapping

    This setting is only available in the Global Database ADOM.

    Toggle ON to enable per-ADOM mapping. When enabled, click Create New to map an ADOM to a Value. This value will be applied to all devices in the selected ADOM.

    Per-Device Mapping

    This setting is not available in the Global Database ADOM.

    Toggle ON to enable per-device mapping. When enabled, you can configure specific value for each device by clicking Create New beneath Per-Device Mapping and specifying the Mapped Device and Value.

    Revision

    Enter a change note.

  4. Click OK to save the metadata variable.
    You can now use the ADOM's configured variable(s) in provisioning templates created in Device Manager.
    To configure metadata variable device assignment from the Device Manager, right-click on a managed device in the table and click Edit Variable Mapping.
To export and import metadata variables:
  1. Go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  2. Select More in the toolbar and click Export Metadata Variables.
    The metadata variables are exported into a JSON format file.
  3. In a second ADOM, go to Policy & Objects > Object Configurations > Advanced > Metadata Variables.
  4. Select More from the toolbar and click Import Metadata Variables.
  5. Browse to your exported JSON file, or drag and drop it into the file selector, and click Import.
To use a metadata variable in dynamic objects:
  1. Go to Policy & Objects > Object Configurations.
  2. Create or edit a Firewall Address, IP Pool, or Virtual IP object.
  3. Add the metadata in a text field using the following format: $<metadata_variable_name> .
    When $ is typed into a supported text field, available metadata variables are displayed for selection. You can click the add button to create a new metadata variable.

    For example, when creating a firewall address, you can use a meatadata variable in the IP/Netmask field.

    When using metadata variables in an object, per-device mappings are no long requried.
Previous
Next