Help
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
jmc01
Staff
Staff

Created on ‎01-15-2026 01:30 PM Edited on ‎01-15-2026 01:31 PM By Community Manager

Article Id 426119

Technical Tip: Deploy FortiClient exe installer using Microsoft Intune

Description This article describes how to deploy the FortiClient Windows EXE installer using Microsoft Intune.
Scope FortiSASE.
Solution

Considering that deploying FortiClient with the Digital Experience Monitoring (DEM) agent is only possible when using the preconfigured .exe FortiClient installer.

 

The following method can be used to deploy the FortiClient for Windows using Microsoft Intune.

 

  1. Download the required files:
  • Download the preconfigured FortiClient installer from the FortiSASE portal.

 

Sase Installer.png

 

Note: The preconfigured installer includes the FortiSASE configuration, the DEM agents, and the invitation code.

  • Download the Microsoft Win32 Content Prep Tool (IntuneWinAppUtil.exe) from the Microsoft Download Center. 

Prepare Win32 App Content for Upload

 

  1. On a Windows computer, open a Command Prompt as an administrator and navigate to the folder containing IntuneWinAppUtil.exe downloaded earlier.

  2. Convert the FortiClient installer  into a .intunewin package using the following command: 

     

 

IntuneWinAppUtil -c <source_folder> -s <source_setup_file> -o <output_path>

 

Note: Replace <source_folder> with the path of the FortiClient installer, <source_setup_file>  with the installer name, and <output_path> with the desired output folder for the Intunewin package.

 

Intune_file.png

 

  1. Create the Intune FortiClient application on the Microsoft Endpoint Manager admin center:

  1. Go to Apps -> All apps -> Create.

  2. From the App type dropdown list, select Windows app (Win32).

 

win32_app.png

 

  1. Select the App package file, then upload the file from step 3, then select ok.
                                                                        

intunewin_file.png           

  1. Enter the name, description, and publisher information as desired, then select Next.

 

app_name.jpeg

 

  1. For the install command field, enter:

     <FortiClientSetup_7.2.12_x64> /quiet /norestart /log <c:\temp\FortiClientSetup_7.2.12_x64.log>

 

Note: Replace <FortiClientSetup_7.2.12_x64> with the <source_setup_file>  used on steps 3 and  <c:\temp\FortiClientSetup_7.2.12_x64.log> with the desired logs location.

 

  1. For the Uninstall command  field, enter:

 

    msiexec /x "{<product code>}" /q

 

Note: Replace the <product code> with the FortiClient product code for the version being installed. The product code can be found in the FortiClient release notes, Product integration and support

 

product_code.png

 

programs_info.png

 

  1. From the Minimum operating system dropdown list, select Windows 10 1607, then select Next.

     

    Requirement.png

     

  2. For the detection rule: select a manually configured detection rule, then select Add:

    1. From the rule type, select MSI.
    2. For the MSI product code, enter the <product code> from steps 4.e.2.
    3. For MSI product version check, select No., and then select Next.

       

detection_rule.png

 

  1. Proceed to the Assignments tab. Select Add group.

     

  2. Review the summary, then select Create.

     

Related documents:

Configuring the FortiClient application in Intune

Product integration and support

Installing FortiClient using the CLI
168
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.