Hello there, as with many first posts on community help sites, this one is enameled with the slick sheen of desperation. I thought I knew what I was doing, I read the documentation! Nothing could go wrong!
And 'lo, here I am on the precipice of deploying the final piece of the puzzle for internet client management, and I’m left with a mildly retarded expression, mouth agape, with hands unable or unwilling to complete the picture with a classic head-scratch.
The problem is thus: according to http://support.bigfix.com/bes/misc/besconfigsettings.html , client command polling can be enabled and configured. Which is great! I did that, it tested wonderfully. Even better, it states that there is a task available in the support site to configure large numbers of clients, it does not, however, specify the name of the task.
As you can probably guess, the task either doesn’t exist, or I’m blind and can’t find it. Do any of you happen to know the name of the task if it exists so I can confirm in my console, or maybe an alternate method of deploying command polling? I’ll continue to investigate, of course, but here’s hoping someone has an easier answer!
Okay, the problem has been solved with duct tape for now, I located the keys for command polling and created a fixlet to write the necessary keys to the registry. I’d still love for this to be an task so the environment doesn’t have to deal with my hackery, so if anyone knows why I’m blind and/or don’t have it, please let me know!
(HKLM\SOFTWARE\BigFix\EnterpriseClient\Settings\Client_BESClient_Comm_CommandPollEnable and HKLM\SOFTWARE\BigFix\EnterpriseClient\Settings\Client_BESClient_Comm_CommandPollIntervalSeconds if anyone is interested, both strings called “Value.”)
There is an easier way. If you go to the computers tab and right click any computer you can choose the option to edit computer settings. Now if you choose the “More Options” button you can setting custom settings, target machines, etc.
There is an easier way. If you go to the computers tab and right click any computer you can choose the option to edit computer settings. Now if you choose the “More Options” button you can setting custom settings, target machines, etc.
This is true, but that’s not really a great means to set policy for an environment, since you’d have to manually monitor as new machines join the network, and right click groups of them to set the command poll interval. Also, per the documentation, setting the masthead administrative setting will only poll for commands in certain sites, one of them not being the fixlet site. I like polling fixlets, it lets me patch.
As with all actions (including settings actions), you can make it apply to “All computers…” in the target tab and then remove the end date so that it will not expire. This will allow you to take a one-time action that will apply to all computers (current and future computers).
I will check to see if we can figure out where that Task went that would make your life easier…
But may I ask why you are using command polling? If clients can receive UDP messages, then generally it is unnecessary…
From outside the front DMZ, clients cannot reliably receive UDP messages. Most of our internet clients are going to be in a home network, and either BigFix or the NAT device that the client is behind does not seem to be able to get the outgoing UDP pings to where they need to go. We have some wonky SLA rules on patch application, and it’s critical to get patches out to everthing basically the millisecond they’re available, so I can’t wait for a client to be in a favorable network condition to get fixlets applied.
As with all actions (including settings actions), you can make it apply to “All computers…” in the target tab and then remove the end date so that it will not expire. This will allow you to take a one-time action that will apply to all computers (current and future computers).
This is exactly why I wanted a happy little fixlet (or task, whichever) to make my problem go away. I didn’t realize you could group target settings applications. that’s quite handy!
_JS - Thanks! I used your registry hack on my BES Server. I also have machines that will be offsite and may not be able to receive network communication from the BES Server, therefore, it would be nice for the BES Client to check in at my defined interval.
Maybe there will be a BigFix task for this in the future?
It has been created and tested, but it hasn’t been published yet (needed another round of testing)… I will go kick the Fixlet publishers to see if they can look into getting this out…
