I have the installation command and executable file to deploy an endpoint protection agent. Need guidance in creation of fixlet to deploy on group of identified servers in my environment. Could you point me in the right direction towards creating the fixlet. Thank you
How far have you gotten? A good starting point would be the âManage Software Deploymentâ dashboard in the console, or the Software Deployment app in the WebUI. That handles uploading your binary to the root server and building a template action to download the installer to your endpoint, and has an input for you to enter the command lines you need.
For some installer types, it may also generate working relevance to detect whether the application is already installed, or you may need to modify the detection relevance if the wizard canât determine that on its own.
This is what Iâm working with - I have the installation commands and the executable file for an antivirus agent called endgame. There does not exist a module for software distribution. I need to create a fixlet to install this agent on several servers. Is it possible to deploy this agent by creating a fixlet to do so?
Do you have a âManage Software Distributionâ dashboard? It may be part of the BigFix Lifecycle license, so it might not be included in your license. Check for a âLifecycleâ Domain at the bottom-left of your console.
The Software Distribution dashboard certainly simplifies things, but yes you could manually create a package for it. The basics are
-
Find a place to host your installer file. Often this would be a separate web server inside your network that is reachable by the BigFix server, but you could also copy it to the bigfix server itself under the wwwrootbes/Uploads folder. In that case when you write your Task, youâd use a download URL like https://your.bigfix.server.com:52311/Uploads/InstallerDirectory/setup.exe
-
Determine the size, sha1, etc. that youâll need for the download command. You can do this locally on your machine using the Fixlet Debugger. Use the queries
(size of it, sha1 of it, sha256 of it) of file "c:\temp\setup.exe"
-
Create a Task. The action script should be something like
prefetch size:12345 sha1:aabbccdd url:https://your.bigfix.server.com:52311/Uploads/InstallerDirectory/setup.exe sha256:bbccddee
waithidden __Download\setup.exe [your installer commands]
-
determine Relevance for the task. Some common relevances that are often reused would be something like
windows of operating system
not exists keys whose (value "DisplayName" of it = "Your Application" and value "DisplayVersion" of it as string as version >= version "5.1") of keys "HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall" of (x32 registries; x64 registries)
We do not have Software Distribution Dashboard. Thank you for your assistance. I really appreciate it. I will reach out to you if I encounter problems. Thanks again
The operator âsha256â is not defined. so for step 3 the second line is not required.
What version of client / debugger are you running? I thought the âsha256 of fileâ inspector has been around for quite a while?
the version of the Fixlet Debugger is QnA 5.0.3.0
Come again?
What version of BigFix platform are you using? Like the server and client version?
You should be using the fixlet debugger version to match, usually. And I really hope your version at least starts with 9.2 or 9.5âŚ
My BigFix version is 9.5. In my environment Iâm having difficulties retrieving the latest version of the debugger hence Iâm using an older version
I was able to get to QNA version 9.5.12
Good morning while constructing action script I receive an error unable to parse action script line 1
my script looks like this
prefetch size:### sha1:###
url:\(internal location of exe file)
sha256:###
waithidden__download\(internal location of exe file)
config instructions
What am I doing wrong
Thanks
Apologies, I gave a slightly wrong syntax for the prefetch statement. There is no tag for âurl:â, just supply the url itself.
Example:
prefetch hodor.jpg sha1:ce842e0af799f2ba476511c8fbfdc3bf89612dd0 size:57656 http://i.imgur.com/YAUeUOG.jpg sha256:74f69205a016a3896290eae03627e15e8dfeba812a631b5e0afca140722a322b
https://developer.bigfix.com/action-script/reference/download/prefetch.html
That clears up one thing for me. Thanks. the last problem that Iâm having is in order to install the product, I need to open a command prompt on the destination server in order to run the installation commands.
This is what I have. The installation commands need to be run from a command prompt on the local server. Prefetch retrieves the exe file from the remote server, than I need to open a command prompt on the destination server receiving the app in order to run the installation commands on the server that is receiving the app.
When making the corrections to the action script, I still receive the unable to parse action script line 1 error message. To install the app locally, you open a command prompt and run .exe file with -c to reference a cfg file with its commands. Iâm trying to install this app through a fixlet and only local installation procedures were provided. I hope this makes sense and thank you for your help
Am I on the right track.
prefetch file sha1: size:
sha256:
waithidden_download(file location)
run âc:\windows\System32\cmd.exeâ
the installation instructions place the âexe fileâ -c calls for the (.cfg file) -k and other commands
Is the run command enough to open the command prompt to run the installation commands at this pint in time. Also when it downloads the exe file do I need to run a similar command to obtain the cfg file as well. Iâm not sure BigFix at this time has identified or established the cfg file during this installation.
Thank you
Iâm not sure what youâre trying to do thereâŚyou just want to open a command prompt and then type (or have the user type) in the installation commands?
Bigfix is about managing computers at scale, so you donât type anything in at the endpoint.
An example of how youâd do thisâŚ
prefetch <options for the installer>
prefetch <options for the config file>
waithidden __Download\setup.exe -c "{pathname of file "config" of download folder}" [any other options here]
You need to find command-line options to make the install completely silent - it canât pop up a question for the user, or make you click âok to continueâ or anything like that.
Once you have all the options youâd take an action to install it on any computers where its needed - without having to log on to those computers or type any commands.
Thank you for making this clearer for me. I made the corrections in my script and I have run into one final error. My error is that it wants to track the installation progress and pike it into a file "c:\windows\system32\logfiles\sensor_install.log. Do I simply verify that this folder location exists on Windows 2008 and 2012 targeted servers. This happens to be the last line of the action script and is highlighted in red.
I donât think that youâve posted your script, or even told us what product you are installing, so it would be difficult to help you determine whether the installation was successful.
Commonly we would look at the entry from Add/Remove Programs (via the registry inspectors) or the presence of the productâs service (via the services inspector) to judge whether the product was installed successfully, and add those queries to the relevance statements for the task/fixlet.
If you want to read the log file, be sure to deal with the complexity of the 32-bit BESClient reading the 64-bit âsystem32â path. If you try to read file "c:\windows\system32\logfiles\sensor_install.log"
you would be redirected to the syswow64 folder and not find the file. Instead read
file "logfiles\sensor_install.log" of native system folder