There are four types of group assignment rules, which can be distinguished by:

• Installer ID
• Invitation
• IP Address
• OS

1. Installer ID

• Create an installer ID group assignment rule and select the desired group to allocate the endpoint that deployed using the FortiClient Installer that was packaged from EMS.
  
  

• Create a FortiClient Installer deployment package and include the created Installer ID.

• Any FortiClient endpoint that was installed using this installer package will automatically be placed in the defined group. In this example, the HR Dept group.

2. Invitation.

• Create an invitation code under the Endpoints -> Invitations tab.

• Create a group assignment rule under the Endpoints -> Group Assignment Rules tab to select the created invitation code and desired group.

• Any FortiClient endpoint that is connected to the EMS using this invitation code will be placed automatically in the defined group. In this example, the Sales Dept group.

3. IP Address

• Create an IP Address group assignment rule under the Endpoints -> Group Assignment Rules tab and enter a specific IPv4 subnet/IP range. IPv6 subnet/IP range is not supported.
• Select the desired group to allocate the endpoint that matched the defined IP address in the next telemetry communication.

4. OS.

• Create an OS group assignment rule under the Endpoints -> Group Assignment Rules tab and enter specific OS, for example Windows/Windows Server 2019.
• Select the desired group to allocate the endpoint that matched the defined OS in the next telemetry communication.