I file this one under the “feature, not a bug” category: you try to delete some
object, say a VDOM, which is NOT actually used anywhere, but the Fortigate throws
the error “command fail. Return code -23”. Fortigate keeps a reference count of
all objects at all times, and if the reference count of a given object is not
0, trying to delete it will cause an error. This is a safety feature that prevents
admins from deleting an object that is in use. In older Check Point versions,
before R80, you could delete an object used in rules and the firewall would replace
it with Any, what a disaster. But back to Fortigates: unfortunately, this error may
also happen after you have deleted all references to the object, for reasons not
under our control: it may be stuck in the cache, or
you deleted all references to the object in the wrong (to Fortigate) order….
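
Before concluding that the reference count is stale, it helps to confirm that no reference really remains in the configuration. The following is an added example, not code from the original post: it walks a saved configuration backup and lists every `set` line that still names the object. The function name and the sample configuration are constructed for illustration, and the script only inspects backup text, not the device's internal counters.

```python
import shlex

# Constructed sample in FortiOS backup syntax (not taken from a real device).
SAMPLE_CONFIG = '''\
config system interface
    edit "port3"
        set vdom "LAB"
        set ip 10.0.3.1 255.255.255.0
    next
end
config system admin
    edit "labadmin"
        set vdom "root" "LAB"
    next
end
config firewall address
    edit "LAB"
        set subnet 10.9.9.0 255.255.255.0
    next
end
'''

def find_references(config_text, name):
    """Return (path, set-line) pairs whose 'set' values include `name`."""
    stack, hits = [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        try:
            tokens = shlex.split(line)
        except ValueError:  # unbalanced quotes, e.g. multi-line values
            tokens = line.split()
        if not tokens:
            continue
        if tokens[0] == "config":
            stack.append(" ".join(tokens[1:]))
        elif tokens[0] == "edit":
            stack.append("edit " + " ".join(tokens[1:]))
        elif tokens[0] in ("next", "end"):
            if stack:
                stack.pop()  # leave the current edit entry or config block
        elif tokens[0] == "set" and name in tokens[2:]:
            hits.append((" / ".join(stack), line))
    return hits

if __name__ == "__main__":
    for path, line in find_references(SAMPLE_CONFIG, "LAB"):
        print(f"{path}: {line}")
```

An object that merely shares the name (the address entry "LAB" in the sample) is a definition, not a reference, so it is not reported.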
Author: Yuri Slobodyanyuk