FortiNAC-F
FortiNAC-F is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks. For legacy FortiNAC articles prior to FortiNAC-F 7.2, see FortiNAC.
akanibek
Staff
Article Id 378844
Description

The article describes how to handle an issue where a Persistent Agent's registry key 'ServerIP' is being overwritten, and how to avoid it.

Scope

FortiNAC 9.4.X, FortiNAC-F 7.2, 7.4.X, 7.6.X.

Persistent Agent 9.4 or above.

Solution

Situations may occur where FortiNAC’s FQDN address has been changed, and it must be updated on already installed Persistent Agents. For the purposes of this article, the following FQDNs will be used:

  • Legacy – fnac-latest.forti.lab
  • New – fnac.forti.lab

 

By default, a Persistent Agent uses the values of the following registry entries to establish a connection to the FortiNAC server: 'lastConnectedServer', 'homeServer', 'allowedServers'. The full server discovery process is explained here.

 

In the example below, the Persistent Agent is communicating with the FortiNAC server, and the screenshot shows that only the 'lastConnectedServer' and 'ServerIP' registry keys are populated.

 

marked_ServerIP,LastConnectedServer_filled.png

 

The 'ServerIP' registry key was updated to a new value, 'fnac.forti.lab'. Then the other key, 'lastConnectedServer', was purged. After that, the Persistent Agent service was restarted. However, after the restart the updated value was overwritten with a different one.

 

See the screenshots below.

Before restarting the service, with the adjusted keys:

 

ServerIP-fnac.forti.lab.png

 

After restarting the Persistent Agent service, key values have been changed back to 'fnac-latest.forti.lab':

 

After_restarting_service.png

 

To avoid this, the 'homeServer' attribute must be changed in another registry path of the Persistent Agent: 'HKEY_USERS\ … \Software\Policies\Bradford Networks\Persistent Agent'. This is because the values in this path are per-user, and the Persistent Agent gives per-user values precedence over per-machine values. See Search for Registry Keys (page 58):

 

Policies_Persistent Agent.png

 

The attribute value can either be left empty or changed to the correct one. In the example below it has been changed to 'fnac.forti.lab':

 

Per_user_changed.png

 

After restarting the Persistent Agent service, the 'ServerIP' registry value in the initial path has been updated accordingly:

 

per_machine_updated.png
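The per-user override described above can sit in more than one user hive on a shared endpoint. The following PowerShell audit is an added example, not Fortinet code: it assumes the elided part of the article's path is the user hive subkey under HKEY_USERS, and the parameter names `ExpectedServer` and `Fix` are hypothetical.

```powershell
# Added example (not Fortinet code): report, and optionally correct, the per-user
# 'homeServer' policy value that overrides the per-machine Persistent Agent settings.
# Assumption: the "…" in the article's path is the user hive subkey under HKEY_USERS.
param(
    [string]$ExpectedServer = 'fnac.forti.lab',  # new FQDN used in this article
    [switch]$Fix                                 # without -Fix the script only reports
)

# Relative path taken from the article
$relPath = 'Software\Policies\Bradford Networks\Persistent Agent'

$results = foreach ($hive in Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue) {
    $keyPath = "Registry::$($hive.Name)\$relPath"
    if (-not (Test-Path -LiteralPath $keyPath)) { continue }

    # Read the per-user value; skip hives where it is not defined at all
    $prop = Get-ItemProperty -LiteralPath $keyPath -Name 'homeServer' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { continue }
    $current = $prop.homeServer

    # An empty value is acceptable per the article; anything else must match the new FQDN
    $stale = ($current -ne '') -and ($current -ne $ExpectedServer)
    if ($stale -and $Fix) {
        Set-ItemProperty -LiteralPath $keyPath -Name 'homeServer' -Value $ExpectedServer
    }

    [pscustomobject]@{
        Hive       = $hive.PSChildName
        HomeServer = $current
        Stale      = $stale
        Updated    = ($stale -and $Fix)
    }
}

$results | Format-Table -AutoSize
```

Run it from an elevated prompt, then restart the Persistent Agent service as in the steps above. Only hives currently loaded under HKEY_USERS are inspected, so profiles of logged-off users are not covered.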