This use case describes how to use FortiClient EMS for basic central management of FortiClient endpoints when deploying FortiClient to endpoints using AD servers. This scenario requires the following steps:
- Complete the prerequisites by preparing the AD server and Windows endpoints for deployment. See Prerequisites.
- Add endpoints to EMS by adding the AD server to EMS. See Adding endpoints using an Active Directory Domain service.
- Create a gateway list. Creating a gateway list is only necessary if connecting Telemetry to FortiGate. See Creating a gateway list.
- Create a FortiClient installer. Specify the gateway list (if created) in the installer. See Creating a FortiClient installer.
- Create a profile, select the FortiClient installer package, and configure FortiClient features in the profile. See Creating a deployment profile.
- Assign the profile to a branch of the AD domain to push the FortiClient installation process on the endpoints. See Assigning the profile to endpoints.
- Verify the deployment by monitoring FortiClient connections to FortiClient EMS.
- When a new FortiClient version is available, create a corresponding installer to deploy the new FortiClient version to endpoints. See Upgrading endpoints to the latest version of FortiClient.