Solved
Registering Forticlient to EMS
What is the easiest way to change a bunch of Forticlient registrations to a new EMS server? Currently they are registered to a Fortigate
Thanks
There are two possible approaches today:
1. Redploy FortiClient 5.4 from the EMS. Ensure that the FortiClient installer created has the IP address of the EMS as the registration server. After the deployment completes, the newly installed FortiClient will register to the EMS.
This is easy for organisations that use AD server to manage their computers.
2. Change the configuration on the FortiGate to which the clients are currently registered. Provide the IP address of the EMS in the <fortigate> element as below:
<forticlient_configuration>
<endpoint_control>
<enabled>1</enabled>
<disable_unregister>0</disable_unregister>
<silent_registration>1</silent_registration>
<fortigates>
<fortigate>
<serial_number>FCTEMS</serial_number>
<name>ems_name</name>
<registration_password>difficulttoguessbuteasytoremember</registration_password>
<addresses>192.168.86.4:8013</addresses>
</fortigate>
</fortigates>
</endpoint_control>
</forticlient_configuration>
This requires using FortiClient advanced configuration on the FortiGate. Allow all the clients to receive the update (may be a few hours, in case some clients are offline). Then disable FortiClient listening on the FortiGate. FortiClient will find that it could no longer reach the FortiGate to which it is currently registered. It should then look through the configured <fortigate> list.
As usual, you want to test the solution you select before deploying it.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.