Nishtha_Baria
Article Id 275867
Description

This article provides guidance on automating the process of reconnecting endpoints to the EMS (Endpoint Management Server) following a snapshot recovery, covering both MacOS and Windows OS environments.

Scope

FortiClient EMS.
Solution

Automating the reconnection of endpoints to the EMS server after a snapshot recovery can help streamline the process and ensure that all devices are properly synchronized. Whether the choice is to leverage EMS capabilities, PowerShell scripting for Windows OS, or Bash scripting for macOS, it is essential to monitor the progress and verify that the endpoints have successfully reconnected to the EMS server.

Always consider the security and compliance implications of any automation process and test the procedures in a controlled environment before implementing them in a production setting.

 

Solution 1: Utilizing EMS Capabilities.

 

  1. Check EMS Server Configuration:
  • Ensure that the EMS server is properly configured to accept incoming connections and that any firewall rules or network policies are updated to allow the endpoints to reconnect.

  2. Check Endpoint Policies:
  • Review the policies configured within the EMS server to confirm that they are correctly assigned to the affected endpoints.

  3. Initiate EMS Synchronization:
  • Within the EMS server interface, trigger a synchronization process to force the endpoints to check in. This process may vary depending on the EMS server software, so consult the EMS documentation for specific instructions.

 

Solution 2: Using Scripting for Endpoints.

 

For Windows OS:

  1. Create a PowerShell Script:
  • On a Windows OS machine, create a PowerShell script that uses the EMS agent's command-line utility (if available) to initiate a connection back to the EMS server.
  • Refer to the following document for the Windows commands: FortiESNAC CLI commands
  2. Deploy the Script:
  • Deploy the PowerShell script to the affected Windows endpoints using a centralized management tool like Group Policy or a remote management solution.
  3. Execute the Script:
  • Schedule the script to run at regular intervals (e.g., every hour) on the affected endpoints.

 

For MacOS Endpoints:

  1. Create a Bash Script:
  2. Deploy the Script:
  • Deploy the Bash script to the affected macOS endpoints using a centralized management tool, or utilize a tool like SSH for remote execution.
  3. Execute the Script:
  • Schedule the script to run at regular intervals on the affected macOS endpoints.
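
One way to structure the scheduled script from Solution 2, shown as an added example that is not Fortinet's code: it only reconnects to an allowlisted EMS host, refuses to run if the script file is group- or world-writable, retries, and logs each outcome so reconnection can be verified. The reconnect command is a placeholder supplied on the command line (take it from the FortiClient CLI documentation); `EMS_ALLOWED`, `LOG_FILE`, the hostnames and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not Fortinet code. EMS_ALLOWED, LOG_FILE and the reconnect
# command are assumptions; use the real command from the FortiClient CLI docs.
EMS_ALLOWED="${EMS_ALLOWED:-ems.example.internal}"  # constructed, space-separated
LOG_FILE="${LOG_FILE:-/var/log/ems-reconnect.log}"
log() { printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$*" >> "$LOG_FILE"; }

# Exact-match allowlist: a tampered argument or task definition cannot point
# the endpoint at a server the organisation does not operate.
ems_host_allowed() {
  for _allowed in $EMS_ALLOWED; do
    [ "$1" = "$_allowed" ] && return 0
  done
  return 1
}

# A script run on a schedule must not be writable by group or others,
# otherwise any local user could change what the scheduler executes.
script_is_safe() {
  [ -f "$1" ] || return 1
  [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# reconnect_ems HOST ATTEMPTS DELAY COMMAND [ARGS...]
# Appends HOST as the last argument of COMMAND (assumed CLI syntax).
# Returns 0 on success, 1 if every attempt failed, 2 if HOST is rejected.
reconnect_ems() {
  _host="$1"; _attempts="$2"; _delay="$3"; shift 3
  if ! ems_host_allowed "$_host"; then
    log "REJECT host=$_host not in allowlist"
    return 2
  fi
  _i=1
  while [ "$_i" -le "$_attempts" ]; do
    if "$@" "$_host" >/dev/null 2>&1; then
      log "OK host=$_host attempt=$_i"
      return 0
    fi
    log "FAIL host=$_host attempt=$_i"
    [ "$_i" -lt "$_attempts" ] && sleep "$_delay"
    _i=$((_i + 1))
  done
  return 1
}

# Scheduler entry point: script.sh HOST ATTEMPTS DELAY COMMAND [ARGS...]
if [ "$#" -ge 4 ]; then
  script_is_safe "$0" || { log "REJECT $0 is group/other-writable"; exit 3; }
  reconnect_ems "$@"
fi
```

The `OK`, `FAIL` and `REJECT` lines in the log give a per-endpoint record to check against the EMS console when verifying that devices have reconnected.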