If i run this script on the machine on which all BES components are installed (Server, Database, Console, Admin Tools), it works great, silently, not showing any User Interface.
But we need it to run on another machine, on which only BES Console and BES Admin Tools are installed. If I run it on this machine, a popup appears asking for database “sa” password.
Is there an option (something like /databasePassword…) that allows to run BES Admin through command line without getting this popup ? if yes, same question when using /deleteUser option.
More widely (not sure this is the good way to say it in english ), is there a documentation about the BES Admin Tools command line options ?
We added the BES Admin command line options for a specific customer in BES 6.0, but we never released the public documentation. We will put it on the documentation todo list if it is interesting for people to use.
You should use the “/dsn” option and specify an ODBC source that uses NT Authentication so that you don’t need to bother with the username/password.
I come back to this topic, with a few more questions :
As we are MSSP, we created a customer production script, that runs BESAdmin.exe with command-line options. This works well if only one guy runs it at the same time.
But if two guys runs the script at the same time, we are experiencing two types of error due to BESAdmin.exe :
a popup saying
Site propagation aborted by BES Server
for the following reason: ERROR: Unable to acquire lock; lockfile corrupt. Please manually remove
"lockfile" from propagation server.
The operator is created, but the certificate is not available and the BES Console is not available for this user.
I solve this problem by adding a routine in the script, that tests if BESAdmin.exe is already running, and waits for it not runnig.
a popup saying :
Site propagation aborted by BES Server
for the following reason: Unable to proceed because another user is currently propagating
this site. Please
try again in a few minuts.
The operator is created, and he can use BES Console. So i don’t really know what the consequences of this error.
My questions :
What is the meaning of each popup ?
Does the BESAdmin.exe command line returns error code that we can manage ?
Is there a way to catch these error before the popups appear ?
What tests could we implement in our script to avoid these errors ?
The system i implemented works, ie only one instance of BESAdmin.exe can run at the same time. So the message :
Site propagation aborted by BES Server
for the following reason: ERROR: Unable to acquire lock; lockfile corrupt. Please manually remove
"lockfile" from propagation server.
doesn’t appear any more.
But it seems that even after BESAdmin is closed, the propagation continues a few seconds after, so i always have this message if i an operator is created just after first one :
Site propagation aborted by BES Server
for the following reason: Unable to proceed because another user is currently propagating
this site. Please
try again in a few minuts.
How can i know if a propagation is running ? Any table in the database, or a file as the “lockfile” ?
I would like to add a test to know if a propagation is running, to avoid this message.
By the way, even if this message appears, i can log in the BES Console with the second operator credentials, so i don’t really understand what this “propagation” does. Can you explain me the goal of it ?
Sending actions to agents is a process we call “propagation” (including digitally signing the actions, updating the database, sending the data to the server, etc.) This happens every time you make a change that needs to go to the agents and when a new user is created, there is a propagation step that occurs so that the agents know about the new user (including some digital signature information).
Multiple propagations can simultaneously occur for different users because they use different “operator sites”, but all the master operators and BES Admin share a single “actionsite” and only one propagation of the actionsite is allowed at any one time.
I don’t believe there isn’t any good way to check to see if a propagation is active in the database and we will be changing the way this works in future versions as we streamline the propagation process to make it faster. Perhaps the best thing to do in your current situation is to add a delay after a user is created so that you avoid the lock situation?
I will modify my script (it’s a .hta with vbscript) this way :
Try to create a file C:\running.txt If error (ie the file already exists) Then stop script execution and show a message to user like
"Another user is actually creating an operator. Please try again in few minuts" Else execute production actions (Citrix user creation, BES Operator creation, etc...) remove file C:\running.txt End If
As the script execute others actions after BESAdmin.exe call, it should add a sufficient delay to avoid problems.
I have a training sessions next week with 7 provisioning team guys, who will use this script simultaneously, so it will be a good way to see if this is a good solution
When using the BESAdmin via command line to create a user what is the argument for Key Size?
Also if creating users via command line do I also have to propagate the newly created operator or all operators? Or is that already part of the using the /createuser:…?
Command line for BESadmin.exe must be complete and arguments correct or it will just fall through to the GUI. Check your arguments for correct syntax and you will need them all… I think the only optional argument is the one for the key size, which is not in the eariler examples.