Getting Into Old BigFix Installation

Usage and Config Platform
1

Hi Folks,

We are about to install BigFix for a few thousand servers, but have discovered all the Linux servers already have the client running. this was put in a while back and the installer left the organisation without leaving the passwords. We have a new BigFix server being built and I would like to re-direct the existing agents to log into the new server.

I have LocalAdmin access on the Windows BigFix server. And we can pull root on all the Linux boxes, but that can take some time.

What are my options?

2

Suggest you contact support to see can they direct you on gaining access to that old BigFix system.

If you can gain access to the old BigFix system then you can use a BigFix task to switch them to the new instance. There’s an example in BigFix - I think its the BES Support site, you can use the URL of the masthead of your new server in that task.

3

Since you have a new BigFix server, and presumably a new Masthead, the simple process is to swap out the Masthead files on all of your existing endpoints. The Masthead is what tells the BES Client about the BigFix environment it is part of.

How you do this is up to you, but any scripting method should work as long as you have Administrative/Root access to the servers. If you had access to the old BigFix environment, there are actually Tasks built to do this very process. There are also Tasks available via https://Bigfix.me that you can download if you would like to see the process they use. Simply search for “masthead”.

In it’s simplest form, the process is …

  1. Stop the BES Client service.
  2. Replace the actionsite.afxm file with your new Masthead.
  3. Restart the BES Client service.
4

That should work, and the client should reset in this case as well but be aware some old settings may remain

5

See: How do I migrate my BigFix clients from one deployment to another?

6

Hi Folks,

so I stoped the bes client, copied my new Masthead file to /etc/opt/BESClient/actionsite.afxm and restarted

The client is still trying to use its old relay. what to I need to clean out to get it to ignore the relay and go direct to my new BES Box?

cat /var/opt/BESClient/__BESData/__Global/Logs/20160622.log

Beginning Relay Select
RegisterOnce: Attempting secure registration with 'https://gotsvl1129.got.blah.net:52311/cgi-bin/bfenterprise/clientregister.exe?RequestType=RegisterMe60&ClientVersion=9.0.787.0&Body=0&SequenceNumber=0&MinRelayVersion=7.1.1.0&CanHandleMVPings=1&Root=http://gotsvw1577.got.blah.net%3A52311&AdapterInfo=00-50-56-8a-13-a9_10.120.128.0%2F24_10.120.128.11_0&AdapterIpv6=00-50-56-8a-13-a9^fe80%3A%3A250%3A56ff%3Afe8a%3A13a9%2F64_0
At 16:01:43 +0200 -
Response: RelayRejectClient Error: Different Deployment.
RegisterOnce: Response indicates relay is part of a different deployment.

Thanks for your help.
R.

7

OK, forget I asked!

I see it just needed to go through and reject all relays. Now it has connected perfectly.

8

There is a setting that can speed the process up that you can remove (the same ones you set on installs) but if the client invalidates all of its relays it will eventually just connect to the root server and reset itself.

9

I have been migrating servers to new environment from quite a few days, lately I have been seeing servers and workstations popping back to old environment. When checked the logs I found the below error. Can someone please explain what and why this is? how to fix this?

Response: RelayRejectClient Error: Different Deployment.

10

they are rejecting the Masthead File. Did you create a new one? Do you change the names of your BigFix Server?

11

No action has been taken on the servers, they have been reporting the new env but stopped now and started popping into the old one.