FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
david_pereira
Article Id 271163
Description This article describes how to connect a FortiClient endpoint to EMS without user interaction, and how to change the EMS Server if necessary.
Scope Windows FortiClient 7.0+, 7.2+.
Solution

Sometimes, it is necessary to automatically connect FortiClient endpoints to EMS or migrate endpoints that are already connected to an EMS server to another one.

The fastest way to execute this procedure is to create a script to automatically run at the endpoints.

The process is simple: create a script, then use a Windows GPO to execute it on all endpoints in the domain.

In this article, two script samples will be studied:

  • One to configure the FortiClient telemetry to connect to an EMS server.
  • One to unregister from an old EMS server and connect to a new one.


Script for registering FortiClient Telemetry to an EMS Server.

  1. Create a bat file with the following content:

cd \
rem Change to the FortiClient installation folder
cd c:\Program Files\Fortinet\FortiClient\
rem Register telemetry to the EMS server; replace IP_or_FQDN with the EMS address
FortiESNAC.exe -r IP_or_FQDN


Example:

[Image: Img001.jpg]

The FortiClient telemetry is disconnected from EMS:

[Image: Img002.jpg]

  2. Now, execute the script as follows:

[Image: Img003.jpg]

  3. A UAC prompt will appear. Select 'Yes':

[Image: Img004.jpg]

  4. FortiClient will connect to the EMS and receive the configuration profile:

[Image: Img005.jpg]


Script to migrate a FortiClient registered to an EMS Server to another EMS Server.

At this stage, a script will be used to migrate a FortiClient connected to one EMS Server to another EMS Server.

This is very useful when a new server needs to be recreated from scratch.

  1. Create a bat file with the following content:

cd \
rem Change to the FortiClient installation folder
cd c:\Program Files\Fortinet\FortiClient\
rem Unregister telemetry from the current EMS server first
FortiESNAC.exe -u
rem Register telemetry to the new EMS server; replace NEW_IP_or_FQDN with its address
FortiESNAC.exe -r NEW_IP_or_FQDN

 
In this example, FortiClient telemetry currently registered to 10.6.2.6 will be migrated to 10.6.2.3:

[Image: Img006.jpg]

The FortiClient telemetry is currently connected to 10.6.2.6:

[Image: Img007.jpg]

  2. Next, execute the script as follows:

[Image: Img008.jpg]

  3. Two UAC prompts will appear. Select 'Yes' in both windows:

[Image: Img009.jpg]

[Image: Img010.jpg]

  4. FortiClient will now connect to the new EMS Server and receive the configuration profile:

[Image: Img011.jpg]


This script can be used with Windows GPO. This way it is possible to automatically connect or migrate FortiClient endpoints to EMS with less effort and without user interaction.


Note:

Nothing happens when the script asking FortiClient to connect to an EMS Server is run on an endpoint that is already connected.

For example, a script configured to connect to an EMS server has no effect on an endpoint that is already connected, even if it is connected to a different EMS Server.
This means that if the script is configured to be executed by Windows GPO in the domain, the endpoints that are already connected will not be affected. Only the endpoints that are not connected to EMS will be configured.

To ensure already connected endpoints are migrated to a different EMS Server, the script includes the '-u' parameter. This parameter requests that FortiClient first de-registers from the current EMS Server and then connects to the new one specified in the script.
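The two bat files above are the article's own; the following PowerShell wrapper is an added example, not Fortinet's code, that combines both behaviours in one script suitable for GPO deployment. It assumes only what the article documents about FortiESNAC.exe ('-u' unregisters, '-r IP_or_FQDN' registers telemetry) and adds the checks an administrator would want before pushing it to a domain: the EMS address is validated so that only a hostname or IP reaches the command line, the script refuses to run if FortiClient is not installed, and every invocation and its exit code is written to a log file. The '-Migrate' switch, the log path and the parameter validation pattern are hypothetical choices for this example; the exit code of FortiESNAC.exe is passed through as-is, since the article does not document its meaning.

```powershell
<#
  Added example (not from the Fortinet article): GPO-friendly wrapper around
  FortiESNAC.exe. Register:  .\Register-FortiClientEms.ps1 -EmsServer ems.example.com
  Migrate:   .\Register-FortiClientEms.ps1 -EmsServer ems.example.com -Migrate
#>
param(
    # Only a hostname or IP is accepted, so nothing else can be appended to the command line.
    [Parameter(Mandatory = $true)]
    [ValidatePattern('^[A-Za-z0-9][A-Za-z0-9.\-]*$')]
    [string]$EmsServer,

    # Hypothetical switch: run '-u' first so endpoints already connected elsewhere are migrated.
    [switch]$Migrate,

    # Hypothetical log location (constructed for this example).
    [string]$LogPath = (Join-Path $env:ProgramData 'FortiClientEmsRegister.log')
)

# Same installation folder the article's bat files change into.
$exe = Join-Path $env:ProgramFiles 'Fortinet\FortiClient\FortiESNAC.exe'

function Write-Log([string]$Message) {
    $line = '{0:yyyy-MM-dd HH:mm:ss} {1}' -f (Get-Date), $Message
    Add-Content -LiteralPath $LogPath -Value $line
}

function Invoke-FortiESNAC([string[]]$Arguments) {
    Write-Log ("Running: {0} {1}" -f $exe, ($Arguments -join ' '))
    $proc = Start-Process -FilePath $exe -ArgumentList $Arguments -Wait -PassThru -NoNewWindow
    Write-Log ("Exit code: {0}" -f $proc.ExitCode)
    return $proc.ExitCode
}

if (-not (Test-Path -LiteralPath $exe)) {
    Write-Log "FortiESNAC.exe not found at $exe; FortiClient is not installed on this endpoint"
    exit 2
}

if ($Migrate) {
    # Article: '-u' de-registers from the current EMS so that the following '-r' takes effect
    # on endpoints that are already connected.
    $null = Invoke-FortiESNAC @('-u')
}

# Article: '-r' does nothing on an endpoint that is already connected, so without -Migrate
# this is safe to run repeatedly from a GPO; only unconnected endpoints are configured.
$rc = Invoke-FortiESNAC @('-r', $EmsServer)
exit $rc
```

When deployed as a GPO computer startup script it runs under the local SYSTEM account, so the UAC prompts shown in the screenshots above do not appear and no user interaction is needed; the log file then gives the administrator a per-endpoint record of which command ran and what FortiESNAC.exe returned.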