I’m working on configuring some Linux clients to connect through a relay instead of the main server, since this environment cannot directly reach the root server.
My goal is to deploy the BigFix agent on these Linux machines so that it already points to a specific relay during installation.
So far, I’ve tried editing the following files:
/var/opt/BESClient/besclient.config → but this always resets back to default.
besclient.config.default → the changes persist, but they don’t seem to take effect.
Connectivity has been confirmed — the Linux machines can successfully reach the relay URL. However, they still do not appear in the Console.
What is the correct way to configure a Linux agent so that it registers with a relay right from the start?
Of Course, You can use the Client Deploy Tool to Install the Client from a machine that have Client Deploy Tool / BigFix Console Installed - You can configure there a Relay - Using the Client Deploy Tool
If you want to use a manual way on the machine itself -
Install Linux Client -
Managing Relay at Installation Time -
You can follow the following Shell Script I’ve used for Manual Installation for Ubuntu machine; you can make changes as you see fit -
#!/bin/bash
# Script to install the BigFix Agent
# Variables
AGENT_URL="https://software.bigfix.com/download/bes/110/BESAgent-11.0.3.82-ubuntu18.amd64.deb"
RELAY_SERVER1="IP-ADDRESS-OF-RELAY"
RELAY_SERVER2="DNS-ADDRESS-OF-RELAY"
MASTHEAD_URL="https://$RELAY_SERVER1:52311/masthead/masthead.afxm"
AGENT_FILE="/tmp/BESAgent-11.0.3.82-ubuntu18.amd64.deb"
MASTHEAD_FILE="/etc/opt/BESClient/actionsite.afxm"
BESCLIENT_CONFIG="/var/opt/BESClient/besclient.config"
BESCLIENT_DIR="/var/opt/BESClient"
BESCLIENT_OPT_DIR="/etc/opt/BESClient"
# Check if BigFix Agent is already installed
if systemctl is-active --quiet besclient; then
echo "BigFix Agent is already installed and running. Skipping installation."
exit 0
fi
# Download the agent package
echo "Downloading BigFix Agent..."
wget --no-check-certificate -q "$AGENT_URL" -O "$AGENT_FILE"
if [ $? -ne 0 ]; then
echo "Error: Failed to download BigFix Agent."
exit 1
fi
# Create the necessary directories
echo "Creating directories..."
mkdir -p "$BESCLIENT_OPT_DIR"
mkdir -p "$BESCLIENT_DIR"
# Download the masthead file
echo "Downloading masthead file..."
wget --no-check-certificate -q "$MASTHEAD_URL" -O "$MASTHEAD_FILE"
if [ $? -ne 0 ]; then
echo "Error: Failed to download masthead file."
exit 1
fi
# Create the besclient.config file
echo "Creating besclient.config..."
cat <<EOF > "$BESCLIENT_CONFIG"
[Software\BigFix\EnterpriseClient]
EnterpriseClientFolder = /opt/BESClient
[Software\BigFix\EnterpriseClient\GlobalOptions]
StoragePath = /var/opt/BESClient
LibPath = /opt/BESClient/BESLib
[Software\BigFix\EnterpriseClient\Settings\Client\__RelayServer1]
effective date = Wed, 06 Jun 2012 11:00:00 -0700
value = https://$RELAY_SERVER1:52311/bfmirror/downloads/
[Software\BigFix\EnterpriseClient\Settings\Client\__RelayServer2]
effective date = Wed, 06 Jun 2012 11:00:00 -0700
value = https://$RELAY_SERVER2:52311/bfmirror/downloads/
[Software\BigFix\EnterpriseClient\Settings\Client\__RelaySelect_Automatic]
effective date = Wed, 06 Jun 2012 11:00:00 -0700
value = 0
EOF
if [ $? -ne 0 ]; then
echo "Error: Failed to create besclient.config file."
exit 1
fi
# Set permissions
echo "Setting permissions..."
chown root:root "$BESCLIENT_DIR"
chmod 700 "$BESCLIENT_DIR"
chown root:root "$BESCLIENT_CONFIG"
chmod 600 "$BESCLIENT_CONFIG"
# Change to /tmp directory
echo "Changing directory to /tmp..."
cd /tmp/
# Install the agent package
echo "Installing BigFix Agent..."
dpkg -i "$AGENT_FILE"
if [ $? -ne 0 ]; then
echo "Error: Failed to install BigFix Agent."
exit 1
fi
# Start the BigFix Client service
echo "Starting BigFix Client service..."
systemctl start besclient
if [ $? -ne 0 ]; then
echo "Error: Failed to start BigFix Client service."
exit 1
fi
# Wait for 1 Minute
echo "Waiting for 1 Minute"
sleep 60 # Wait for 60 seconds (1 minute)
# Restarting the BigFIx Client service
echo "Restarting BigFix Client service..."
systemctl restart besclient
if [ $? -ne 0 ]; then
echo "Error: Failed to restart BigFix Client service."
exit 1
fi
#remove the deb file.
rm $AGENT_FILE
echo "BigFix Agent installation complete."
Use automatic relay selection. Within 1 day, your client will generally connect to it’s closest relay. There are options to configure your environment to prevent some relays from being automatically selected by clients when needed and to prefer one relay over enough buy using weights.
When installing the BigFix client, have the file clientsettings.cfg next to the installer file and it will pull in settings, such as the default relay. I use this on Windows but assume it’s the same on Nix.
After a client has been installed on Linux, the besclient.config will be a live file as long as the client is running. Any changes to the file will be over written. The steps described in the link above will help during the client installation on Linux.