You can configure a profile to uninstall FortiClient from endpoints. You must create a new profile for this configuration. You cannot use the default profile to uninstall FortiClient from endpoints.
To create a profile to uninstall FortiClient:
- Go to Endpoint Profiles > Manage Profiles, and click the Add button.
- On the Deployment tab, enable FortiClient Deployment. The FortiClient deployment options display.
- Set the following options on the Deployment tab:
Specify what time to start uninstalling FortiClient from endpoints.
Reboot When Needed
Reboot the endpoint to uninstall FortiClient when needed.
Reboot when no users are logged in
Allow the endpoint to reboot without prompt if no endpoint user is logged into FortiClient.
Notify users and let the user decide when to reboot when they are logged in
Notify the end user if a reboot of the endpoint is needed and allow the user to decide what time to reboot the endpoint. Disable to reboot the endpoint without notifying the user.
Enter the username to perform deployment on AD or workgroups.
If you are using an AD to uninstall FortiClient on endpoints, you must enter the admin credentials for the AD in the profile.
If you are using a workgroup to uninstall FortiClient on endpoints, FortiClient must be connected to FortiClient EMS. Admin credentials are not required.
When configuring the profile, know what method (AD or workgoup) is being used to uninstall FortiClient on endpoints. If using an AD, enter the appropriate credentials in the profile you will assign to the AD. The credentials allow FortiClient EMS to uninstall FortiClient on endpoints by using AD. If the credentials are wrong, the uninstallation fails, and an error displays in FortiClient EMS.
Enter the password to perform the uninstall on AD or workgroups.
- Click Save. When you apply this profile to a group of endpoints and the profile takes effect, Microsoft Security Center on the endpoint alerts the user that FortiClient is off and advises to enable AV and other protection. The system must reboot to complete the uninstall process, and will reboot as configured above. Once the reboot process has begun on the endpoint, the Endpoints > System Events tab for the endpoint displays a FortiClient Telemetry-<hostname> has manually disconnected message.
Once the uninstall is complete, the endpoint appears on the Endpoints pane with only the uninstaller applied. The endpoint is shown as having no connection to EMS.