Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Updating FortiClient VPN through Intune or ConfigMgr

Good morning

We've been experiencing some issues updating the FortiClient VPN through platforms like Microsoft's ConfigMgr and Intune. 

These platforms are used because users cannot update the client manually, because it needs elevated rights to do. Deploying updates through the platforms mentioned above allows the updates to be run as SYSTEM instead of the local  user, however, to successfully  update the FortiClient VPN, the VPN itself needs to be shutdown.


Shutting down the VPN client is the stumbling block. To shut it down, a user needs elevated privileges to right-click on the tray icon and click "shutdown".  There is no way to do that via the command line in a programmatic way, that I'm aware of. 

We have attempted to just stop all the services of the VPN client, but they all automatically restart when forcefully closed, which makes sense. 


I'm looking to understand how others keep the VPN client updated through a management platform like ConfigMgr or Intune, or any suggestions on how to do it more reliably. 




Hey that's interesting. 


What exactly is the lifting and manipulation you are doing? 


For the MSI we use, REBOOT=ReallySuppress DONT_PROMPT_REBOOT=1 /qn

And for the EXE we use, /quiet /norestart 


But we still seem to experience issues updating the application silently if it is in use at the time. 

New Contributor II

Does anyone from Fortinet have any input on this at all? 


New Contributor


I have found the following solution in order to stop Forticlient service for a script or other needs in cmd :

So at beginning of your upgrade script on PC or as cmd (with admin rights) -


sc config FA_Scheduler start=disabled && TASKKILL /F /IM scheduler.exe /T


  • (it will disable the auto startup of FortiClient VPN Service Scheduler and kill the process)

After the script finishes the update of Forticlient or if you want to relaunch the forticlient in cmd (with admin rights)


sc config FA_Scheduler start=auto && net start Fa_Scheduler


  • (it will enable again the automatic startup of Forticlient VPN Service Scheduler and start the service again)

This solution was tested with forticlient version 7.2.2, but it should work for other versions, just replace FA_Scheduler and corresponding executable for the service scheduler of forticlient



Top Kudoed Authors