Mac OS Client deployment

Dear @jgstew @jmaple @leewei

Kindly share sudo command for Mac client deployment.

Note: In our environment we have 600 Mac OS x machines and it have different username and passwords, Through nix mac client deployment tool we try to deploy the clients but very few only visible through that, the balance systems we are cant deploy clients through this tool so kindly advise me to resolve this issue and share the pre- requisite for nix installer client deployment tool ( like a ports opening or any dependency)

In all that systems root user is disabled.

Thanks & Regards
Vicky

To use the *nix installer client deployment tool you will need to know a username and password for a user with SUDO rights. I’m not certain what other dependencies there are, but there has to be something to allow it to connect remotely. SSH? Not really sure.

Thank you @jgstew , for every user we need to put credentials so any possibility to enable root user on all system remotely.

This error only i got while deploy client through NIX installer.

Do you currently manage these systems with SSH or ARD or another management option?

With SSH only i think so @jgstew

In that case, you should be able to install BigFix with SSH.

Yes @jgstew but i am facing above error only. once that we clear it then we can done it

But that is to use the deploy tool, not ssh directly.

My general point is if you have an existing method for managing the machines remotely, then use that. If not, then use the deploy tool, which may or may not work depending on your situation.

It should be possible to automate the mass deployment of BigFix using SSH if you already have SSH access to all of the machines in question.

Thank You @jgstew will check all those systems and if its not enable SSH permission , will enable it and continue the deployment.

After that will inform you the status of deployment.

I’m not suggesting that enabling SSH will help with the deployment tool. I don’t actually know if SSH matters for the deployment tool. I’m only suggesting that if you already have SSH access, then that might be the best option.

1 Like

Okay @jgstew Thank you

Hi vikki,
I use a web server and shell script to install the agent through ssh. Using something like csshx on the Mac, I’m able to connect to multiple systems and run this command:
bash <(curl -s http://webserver.com/BESAgentInstall.sh)

The script on the web server downloads the besagent package, places the action site file, and reboots the system:

#!/bin/bash
# Reinstall BESAgent and Actionsite
# Unload daemon
launchctl unload /Library/LaunchDaemons/BESAgentDaemon.plist
# Delete machine records
rm -R "/Library/Application Support/BigFix/BES Agent/"*
rm "/Library/Preferences/com.bigfix.BESAgent.plist"
# Setup Folders
mkdir -p "/Library/Application Support/BigFix/BES Agent/"
# Download new files
curl -o "/Library/Application Support/BigFix/BES Agent/ActionSite.afxm" http://webserver.com/ActionSite.afxm
curl -o "/tmp/BESAgent.pkg" http:/webserver.com/BESAgent-9.2.6.94-BigFix_MacOSX10.6.pkg
# Install bes agent
installer -pkg "/tmp/BESAgent.pkg" -target "/"
currUser=$(stat -f '%u %Su' /dev/console | awk '{print $1}')
# Reboot
if [[ "$currUser" = 0 ]]; then
	shutdown -r now
else
	#User logged in
	launchctl load /Library/LaunchDaemons/BESAgentDaemon.plist
fi

This obviously isn’t the ideal way to deploy the client, and if each of your clients has a different username/pass it’ll be a load of work. I mainly use this code to fix one or two borked clients. Hope it helps!

Rusty

2 Likes

Thanks @rustymyers , that is excellent!