Edit BigFix Client MSI

LouC · February 13, 2024, 4:31pm

Here is an alternative approach to modifying the BigFix Client MSI. Rather than using the Microsoft ORCA tool, you can instead use the following python script. To get a better understanding of what it’s doing please first read @bradsexton81 post here: https://www.linkedin.com/pulse/bigfix-edit-client-msi-off-network-installs-custom-settings-sexton

import win32com.client
import shutil
 
# Path to your original MSI file
original_msi_path = "C:/ClientMSI/BigFixAgent.msi"

# Path for the new MSI file
new_msi_path = "C:/ClientMSI/BigFixAgent_Modified.msi"

# Copy the original MSI to a new location
shutil.copyfile(original_msi_path, new_msi_path)

# Open the copied MSI file
installer = win32com.client.Dispatch('WindowsInstaller.Installer')
db = installer.OpenDatabase(new_msi_path, 1)  # 1 is for transact mode

# Update Property
query_update = "UPDATE `Property` SET `Value`='http://YOUR-RELAY1:52311/bfmirror/downloads' WHERE `Property`='RELAY1'"
view = db.OpenView(query_update)
view.Execute(None)
view.Close()

# Insert into Registry - Registry6 
query_insert_6 = "INSERT INTO `Registry` (`Registry`, `Root`, `Key`, `Name`, `Value`, `Component_`) VALUES ('Registry6', 2, 'SOFTWARE\\BigFix\\EnterpriseClient\\Settings\\Client\\_BESClient_RelaySelect_FailoverRelay', 'value', 'http://YOUR-RELAY2:52311/bfmirror/downloads', 'BESClient.exe')"
view = db.OpenView(query_insert_6)
view.Execute(None)
view.Close()

# Insert into Registry - 7 - set password for DMZ relay
query_insert_7 = "INSERT INTO `Registry` (`Registry`, `Root`, `Key`, `Name`, `Value`, `Component_`) VALUES ('Registry7', 2, 'SOFTWARE\\BigFix\\EnterpriseClient\\Settings\\Client\\_BESClient_SecureRegistration', 'value', 'YOUR-PASSWORD', 'BESClient.exe')"
view = db.OpenView(query_insert_7)
view.Execute(None)
view.Close()

# Insert into Registry - Registry8 - enable command polling
query_insert_8 = "INSERT INTO `Registry` (`Registry`, `Root`, `Key`, `Name`, `Value`, `Component_`) VALUES ('Registry8', 2, 'SOFTWARE\\BigFix\\EnterpriseClient\\Settings\\Client\\_BESClient_Comm_CommandPollEnable', 'value', '1', 'BESClient.exe')"
view = db.OpenView(query_insert_8)
view.Execute(None)
view.Close()

# Insert into Registry - Registry9 - set command poll interval
query_insert_9 = "INSERT INTO `Registry` (`Registry`, `Root`, `Key`, `Name`, `Value`, `Component_`) VALUES ('Registry9', 2, 'SOFTWARE\\BigFix\\EnterpriseClient\\Settings\\Client\\_BESClient_Comm_CommandPollIntervalSeconds', 'value', '3600', 'BESClient.exe')"
view = db.OpenView(query_insert_9)
view.Execute(None)
view.Close()
 
# Commit changes to the new MSI file
db.Commit()

DerrickD · February 13, 2024, 8:10pm

I would have never thought to look for a MSI module in Python.

While I am not a fan of modifying a MSI (prefer MST or specifying properties) I’ll for sure keep this in my back pocket and probably will give it a shot one day when the usecase comes up.