DowloadJobFailed - besclient fails to download file from BigFix server

Hi All,

I’ve been using a task from to install sysmon on windows systems.
The original task prefetches and an unzip utility.
yesterday, I noticed that the URL is providing a new version of with a new sha value.
I’ve checked that the new version is good, no virus, no malware, installs manually and works fine. So I update my task with the new sha values.
Now, when I issue the task to install sysmon the client does not download the zip file. It receives the task and makes multiple download attempts. But, after a handful of tries, the task fails as follows
ActionLogMessage: (action:14655) Download url: '
ActionLogMessage: (action:14655) Download url: '
At 15:10:56 -0500 -
Report posted successfully
At 15:11:04 -0500 -
ActionLogMessage: (action:14655) JobFailed - cancel and fail action
ActionLogMessage: (action:14655) DownloadJobFailed
At 15:11:05 -0500 -
ActionLogMessage: (action:14655) ending action
If I go to the server and copy the file from the sha1 directory into the workstation client ~/__global/cache directory (that is to say, if I precache the file on the client) the task will run happily.

There is no error on the BF Server.
There is no relay in the loop.
Server and workstation are on the same network segment.
There is no problem with the unzip file. The client downloads it without issue.
There is no antivirus software on the endpoint. it’s just a test system.
There’s no intrusion detection on this network.
This happens on a Win10 system and a Win7 system.

BigFix platform is at 9.5.7

What can I do to troubleshoot this, short of using wireshark to demonstrate how little I know about wireshark and analying pcaps?

Just checking, but…when you modified the sha1 value in your task, did you also update the size?
Did you also leave a copy of the original download in the task (in which case the client should refuse to download two files to the same target name)?

Some antivirus/intrusion prevention systems might flag sysmon as well, any chance you’re getting rejected by other software on the machine / network that’s scanning the http/s used by BigFix but not scanning the SMB connection you’re using to manually copy the file? Try downloading the sha1 using a browser on the client, via http://yourserver:52311/bfmirror/downloads/sha1/your-file-sha1-hash and see whether the download completes. Then try it again with https://yourserver:52311


I’ve changed size parameter to match the new file and it works.
Thanks Jason