Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aaron833
New Contributor III

Remove domain joined PCs from EMS

I have a number of domain joined PCs that are either deleted or disabled that are still showing up in EMS.  I have one in particular that keeps trying to push out a FortiClient upgrade but fails because it can't contact the computer.  Shouldn't EMS automatically be updating against AD and removing computers that are either disabled or no longer exist?  

5 REPLIES
ergotherego
Contributor II

Is it possible those remote computers are still running FCT and pointing back to EMS (e.g., checking in)?  Even if EMS can't connect to them outbound over SMB, if they are reaching in, that may cause EMS to continue to see those machines and try to apply profile settings to them.

A work-around may be to create a sub-group with no or a bogus profile attached, and manually move those machine accounts to that group inside of EMS.

Otherwise, it sounds like a bug, that EMS is not reflecting its own machine DB based on machine removals inside the domain.

aaron833
New Contributor III

No, many of these have long been surplussed. I have one from today that I just wiped and reset for a new employee, and I have both the new and old copies of it showing up (different PC name, but it's the same physical computer).  The old one just shows up as if it is a PC not currently connected or powered off.

It definitely seems like a bug; I can't remember if I had this with the older versions of EMS though.  I'm on 1.2.4 but wasn't sure if this is fixed in 1.2.5.

SteveG
Contributor III

You could try lowering the Keep Alive intervals? I'm not sure what the defaults are but I remember they were very high. You can see the relevant settings under "System Settings", "Endpoints".

On our setup EMS checks in with AD at regular intervals so devices removed from AD are removed from EMS. I can't find where you set the sync interval but you can force an AD/EMS sync via "Endpoints", "Manage Domains".

sonu11
New Contributor

FortiClient app is constantly crashing on startup on my Google Pixel 2 XL running Android 8.1. It used to work fine earlier when my phone was on Android 7.0. Any solution to get the app working again?

TP3
New Contributor

Hello All,

I signed up to see if I can better understand how the registration works for endpoints that install FortiClient via configured installer packages. When an Admin makes an endpoint installer package with group policy to auto register/connect to EMS, is it possible for an ex-employee or anyone who has a copy of a previous installer package to keep connecting and auto register on any device they want? We are seeing a PC constantly reconnect with an older version of FortiClient showing a FCT SN even after we removed and deleted it from our endpoint list.

My main question is how do we stop this computer or new computers from auto establishing connection/registration to EMS using an older downloaded copy of the installer package that our Admin created?
