1. Initial assessments and considerations:

• If on the endpoint/PC  is already running a free/licensed FortiClient, uninstall it before running the FortiEndpoint install. 
• If the PC has a FortiEDR collector from a previous service, uninstall it before running the FortiEndpoint install. Migration from FortiEDR to FortiEndpoint is not supported.
• Validate that there is no active GPO from the old FortiClient/FortiEDR.
• There is no .msi generated for the FortiEndpoint unified installer to use on a GPO deployment.
• For initial deployment, the .exe installer can be used for manual installation on the endpoint or a GPO can be configured to run a script that executes the .exe installer 

2.  Features available on the packet install. From the EMS-Server-Cloud, select:

• FortiClient Installer name, required version,  OS, and invite.

• Customize required features and add FortiEDR.

• Download the install, initial deployment can be: manual, GPO, MDM, or sending the link to the users. This will install FortiClient and FortiEDR on the endpoint/PC.

3. Troubleshooting possible issues during this process: In case FortiEDR is installed on the Control Panel, but is disabled on the FortiClient GUI:

• Validate endpoint is associated with a profile: System Settings that also has FortiEDR enabled: 

• If the issue is still present, open a case with Fortinet TAC Support Team. Gather and attach this information:

Open CMD as admin: 

Win:"C:\Program Files\Fortinet\FortiEDR\FortiEDRCollectorService.exe" --support

MacOs:sudo /Applications/FortiEDR.app/Contents/MacOS/FortiEDRCollector.app/Contents/MacOS/FortiEDRCollector --support

Linux:sudo /opt/FortiEDRCollector/bin/FortiEDRCollector --support

Set the client log level to debug in the FortiClient EMS profile, and provide the Diagnostic Tool output .cab file from the affected PC.

Path-Win: User\AppData\Local\FortiClient\tmp\Diagnostic_Result

Path-MacOS:cd /Library/Application\ Support/Fortinet/FortiClient/Logs