Automating FortiClient VPN Installs for Intune with PowerShell
Today, we are delving into a challenge that many of you have requested us to face: The FortiClient VPN. This involved creating a custom PowerShell script to extract the MSI from the Online installer, installing the application and then cleaning up the files. 

The Backstory
As many of you may know, we use Winget for deploying most of our packages. However, we recently hit a snag with the FortiClient VPN. This was because the vendor switched the public facing installer to an online installer, Winget was not able to work with this.  To resolve this problem, we have had to create our own custom deployment script to extract the MSI from the online installer. 

Our Custom Deployment Script
Here’s a brief overview of what our custom PowerShell script accomplishes: 

• Download and Verify: Safely downloads the FortiClient VPN online installer and ensures its integrity using a SHA256 hash. 
• Silent Installation: Executes the downloaded installer automatically and silently, then waits for the MSI installer to cache. 
• Detection: Assesses if  VPN is already installed on the system and verifies its version. 

The Deep Dive 
Hash Verification: By checking the SHA256 hash of the downloaded installer against an expected hash, we’re adding an additional layer of security. This guarantees that the installer hasn’t been tampered with and ensures the authenticity of the installation process. 
MSI Extraction: The script kicks off the online installer executable and waits for the MSI to download onto the device. Once the MSI is found in the application folder it then runs the MSI silently. 
Detection: The detection step is crucial. It not only confirms that our installation was successful but also ensures that the system runs the desired version of the software. This is done by scanning the registry for the FortiClient application 

Moving Forward
Challenges like these are reminders that in the world of IT, adaptability is key. While tools like Winget and Pckgr make our lives easier, there will always be instances that require a bit more finesse. This custom script is a testament to the possibilities when we think outside the box.