We have created several native PowerShell actions and want to set the “Pending Restart” flag upon completion. This is simple using the “BigFix Action Script” and inserting “action requires restart”. Is there anything similar for a PowerShell Action?
We tried creating the registry keys under the BigFix Enterprise Client but this didn’t help. We haven’t tried setting one of the other Windows ones yet that will also trigger “Pending Restart” to be true. Is our only choice to use a “BigFix Action Script”?
Maybe as an actionscript invoked PowerShell script. If you call your PowerShell via actionscript and pass exit 3010 to your script when it ends then you could capture that and pass it back to the action exit status. Eg
wait powershell.exe -command "exit 3010"
continue if {exit code of action = 0 or exit code of action = 3010}
if {exit code of action = 3010}
action requires restart "my_custom_reboot"
endif
@Rony you can also create a registry key which will cause the BigFix Client to mark the machine as Pending Restart
If the action script contains “action requires restart”, the BigFix Client will show the “Restart Needed” Fixlet message and will report “Pending Restart” in the action status. Taking such an action will create the value “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\BigFix\EnterpriseClient\BESPendingRestart\BESPendingRestart” on Windows client machines. If the appropriate registry key value exists, the client is considered to be in a “pending restart” state.
use the Action Script example and see how the Registry is being built and replicate the behavior on the PowerShell Script itself
Thank you @SLB but I am trying to avoid using an action script. I understand this is simple using BigFix Action Scripts as per my original post. Thank you for the suggestion.
Hello @orbiton, I tried this as previously mentioned and it had no effect. I sent a refresh to see if the status was delayed and then restarted the BESClient to force an update but that just resulted in the deletion of the registry keys.
Have you considered using a Baseline to create a multi-action group? You could run your powershell script in the first action, and a restart required action with a second action.
To provide more context, these PowerShell scripts install and activate language packs. We wanted to deploy them as “offers” so users could see them in the BigFix Self-Service Application and deploy as needed. A baseline would not work here as all LPs are not needed, only the one being requested. They would be offers because some users prefer to remain in the English UI.
It would be great if we could ask a question prior to deployment and only have one action for all LPs. This can be done with parameters in a custom fixlet but not after it is running as an offer. We considered a pop-up from PowerShell instead but I am getting off topic.
You could try adding an entry for PendingFileRenameOperations, which is how BigFix normally checks whether an external process is pending a restart on Windows.
That was my next test, using one of the Windows built-in registry keys. We currently exclude Pending File Rename Operations as this resulted in some devices always requiring reboots. Thanks Jason!
For anyone interested in a solution, we created a key in the registry to trigger the “Pending Restart” flag. We tested the BigFix “BESPendingRestart” first, as previously mentioned, but this did not work.
There must be some other area in the registry BigFix looks to determine if a “pending restart” is needed for BigFix actions.
We then tested one of the other Windows keys BigFix evaluates. The first test failed because this key is restricted to WIndows “TrustedInstaller”.
(i.e.: HKLM\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending)
We are excluding the “PendingFileRenameOperations” using “_BESClient_ActionManager_PendingRestartExclusions”, which left us with only 2 remaining options. We added the lines below to our PowerShell script and this worked consistently.
