BigFix Action comment not working for python script on linux server

Nagaraj · January 21, 2026, 7:17pm

Hi All,

We are trying to automate the Defender agent on-boarding process from BigFix, we can Install the rpm and shell file, but not able to execute the python file using below comments.

wait /bin/bash python3 /opt/microsoft/mdatp/conf/scripts/MicrosoftDefenderOnboardingLinuxServer.py


While execute the script from linux server then it is working, but from Bigfix action code given error/exit code 126.

Even below shell comment trying to execute from BigFix console and not working . 

python3 /opt/microsoft/mdatp/conf/scripts/MicrosoftDefenderOnboardingLinuxServer.py



Thanks,
Nagarajan.

JasonWalker · January 21, 2026, 8:07pm

You would likely need to specify the full path to the 'python3' binary. It likely is not part of the $PATH that is being used by the BESClient service (which is running in a non-logon shell so it doesn't source some of the bash dot-files that an interactive logon would load).

Nagaraj · January 22, 2026, 12:56pm

Hi @JasonWalker thanks for your info, I tried below format also with python full path.

wait /usr/bin/python3 /opt/microsoft/mdatp/conf/scripts/MicrosoftDefenderOnboardingLinuxServer.py

But same exit code 126 or 2 showing in BESClient log file.

Thanks,

JasonWalker · January 22, 2026, 1:01pm

Alright, here's my 'general-use' bash script with your command. This should at least provide whatever error output is coming from the shell - the python script itself may have some dependencies that are not met, but in the current form you won't see the error message.

delete __createfile
createfile until BIGFIX_END_OF_FILE_MARKER_TAG_EOF
#!/bin/sh
cd /opt/microsoft/mdatp/conf/scripts
/usr/bin/python3 MicrosoftDefenderATPOnboardingLinuxServer.py
BIGFIX_END_OF_FILE_MARKER_TAG_EOF

delete GeneratedScript.sh
move __createfile GeneratedScript.sh

wait chmod +x GeneratedScript.sh
wait /bin/sh --login -c "./GeneratedScript.sh > '/tmp/bigfix_actionoutput.txt' 2>&1"

Nagaraj · January 22, 2026, 2:21pm

JasonWalker:

delete __createfile
createfile until BIGFIX_END_OF_FILE_MARKER_TAG_EOF
#!/bin/sh
/usr/bin/python3 /opt/microsoft/mdatp/conf/scripts/MicrosoftDefenderOnboardingLinuxServer.py
BIGFIX_END_OF_FILE_MARKER_TAG_EOF

delete GeneratedScript.sh
move __createfile GeneratedScript.sh

wait chmod +x GeneratedScript.sh
wait /bin/sh --login -c "./GeneratedScript.sh > '/tmp/bigfix_actionoutput.txt' 2>&1"

Thank @JasonWalker I have executed the same process and output showing as below

Generating /etc/opt/microsoft/mdatp/mdatp_onboard.json ...
Command 'sudo mkdir -p '/etc/opt/microsoft/mdatp'' returned non-zero exit status 1.

But while I execute manually as below the python file running without error.

[root@xxxxxxx scripts]# python3 MicrosoftDefenderOnboardingLinuxServer.py
Generating /etc/opt/microsoft/mdatp/mdatp_onboard.json ...
[root@xxxxxxxx scripts]#

Thanks

JasonWalker · January 22, 2026, 2:24pm

Ok, good to see. Looks like the Python script itself is trying to create the /etc/opt/microsoft/mdatp and failing.
Does the directory already exist? Does it need to be removed before running the script?
When running under 'root', is using 'sudo' valid on this system?

Nagaraj · January 22, 2026, 2:38pm

Here I see the different from manual execution and BigFix action execution.

[root@xxxxxxx ~]# ls -l /etc/opt
total 0
drwxrwxr-x. 2 root root 29 Jan 16 04:49 BESClient
drwxr-xr-x. 3 root root 19 Jan 17 12:37 microsoft
[root@xxxxxxxx ~]# ls -l /etc/opt/microsoft/
total 0
drwxr-xr-x. 3 root root 36 Jan 20 08:18 mdatp
[root@xxxxxxx ~]# ls -l /etc/opt/microsoft/mdatp/
total 12
drwxr-xr-x. 2 root root 6 Jan 17 12:37 managed
-rw-------. 1 root mdatp 9721 Jan 22 09:04 wdavcfg

While run the python script manually from below location

[root@xxxxxxxx ~]# cd /opt/microsoft/mdatp/
[root@xxxxxxxx mdatp]# cd conf/scripts/
[root@xxxxxxxx scripts]# python3 MicrosoftDefenderOnboardingLinuxServer.py
Generating /etc/opt/microsoft/mdatp/mdatp_onboard.json ...
[root@xxxxxxxx scripts]# ^C
[root@xxxxxxxx scripts]# ls -l /etc/opt
total 0
drwxrwxr-x. 2 root root 29 Jan 16 04:49 BESClient
drwxr-xr-x. 3 root root 19 Jan 17 12:37 microsoft
[root@xxxxxxxx scripts]# ls -l /etc/opt/microsoft/mdatp/
total 20
drwxr-xr-x. 2 root root 6 Jan 17 12:37 managed
-rw-r--r--. 1 root root 7576 Jan 22 09:23 mdatp_onboard.json
-rw-------. 1 root mdatp 9721 Jan 22 09:04 wdavcfg

My observation while we run the python script, then we see mdatp_onboard.json file created under “/etc/opt/microsoft/mdatp”

Any further help to resolve here.

Thanks,

JasonWalker · January 22, 2026, 5:52pm

Maybe the script depends on the current working directory. I noticed in your manual steps you have 'cd' into the directory.
I updated my script above to add a 'cd' step in it, please try that version out

Nagaraj · January 22, 2026, 7:41pm

Hi @JasonWalker ,

We tried with cd the directory and then execute the python file, but it is showing as same error only again.

Generating /etc/opt/microsoft/mdatp/mdatp_onboard.json ...
Command 'sudo mkdir -p '/etc/opt/microsoft/mdatp'' returned non-zero exit status 1.

Thanks,

JasonWalker · January 22, 2026, 11:37pm

I'm afraid there's not much else I could think of, this looks like some problem on your platform or with the python script.
Strange it's expecting to use 'sudo', no script should be silently trying to do 'sudo' since a script can't depend on a user interactively providing a password; in our context, we're already running as root so 'sudo' is not needed, but trying to execute sudo might break things without a running shell.

Nagaraj · February 16, 2026, 5:06pm

yeah we have asked our application team to change/remove the sudo access while run the script from BigFix automation.

Thanks @JasonWalker for your response.