We’ve had the ILMT in our BigFix environment for about 6 months now. Not my responsibility, however, we’ve just added BigFix Patch licenses to it, and this part is my responsibility. I still mostly use WSUS for patching but needed to move to BigFix so I’d have more control over Server 2016. So bear with me.
The admins that run the ILMT tool have not been keeping the revisions up to date.
My question is,
Can I create an action to update the BigFix server itself to update and install:
“IBM BigFix - Updated Platform Server Components version 9.5.11”
And then the console next?
I don’t have any relays set up yet, so that shouldn’t be an issue.
What is the best way to do what I need to do to get everything updated and running version 9.5.11.191?
BigFix is running on a 2016 server. We do have the Unix “family” of clients reporting that are also on 9.5.8.38, bu these are not my concern at the moment, just the Windows clients.
Any help in this area would be fantastic, because like I said, this is a new world for me.
I am actually planning on upgrading from 9.5.8 to 9.5.11 next week. Win 2016 backend servers with a mix of Windows/Linux/AIX endpoints
The order for upgrading is: Root Server, Web Reports, Console, Relays, Endpoints.
Upgrading the root server has to be done manually as the services need to be stopped. Relays and endpoints are the only things that will be upgraded via console. We prefer to run the manual installer for the root server after a cleanup is run via BESAdmin. My db is roughly 90gb, and when I went to 9.5.8, it took about 2.5 hours to rebuild. We are using SQL2016 on a dedicated server. Total upgrade time was roughly 4 hours including Webreports/Webui and most Windows endpoints.
Edit: Also, don’t forget to restart the BES Service on the root server after completing the upgrading. I forget every time and always freak out when the console won’t connect. Did that in the lab this round also.
The recommended approach is to use the fixlet you cite for “IBM BigFix - Updated Platform Server Components version 9.5.11”, targetting the action to All Computers, in most cases.
The description in this fixlet includes a lot of details and links to the upgrade guides.
This fixlet should not be used on the root server if you are using an external database, DSA configuration, or have customized the service logon credentials rather than using the LocalSystem account. In that case your root should be non-relevant, and instead would be relevant to the “Manual Upgrade Required” fixlet.
The upgrade fixlet would upgrade the root server, web reports, and consoles across the environment (hence targetting “all computers” to take care of any installed console upgrades)
Thanks for the replies… doesn’t sound like a quick an easy update for a novice.
The server is the only server running BigFix, and the sql 2016 database is local on the server on its own drive.
The information in the description made it sound like you could just target the server with the fixlet and you’d be good to go, after your responses it looks like manual upgrade is the way to go.
Actually I expect the fixlet update should work just fine in your case. Always take a good backup of course, and a VM Snapshot if your server is virtualized, but as long as everything is healthy to start with then go for it.
Expect the upgrade to take quite a while, have patience with it.
If you prefer to watch, you can use the “Updated installation folders available” fixlet to download the installers to your server. You should then find the updated setup files at \Program Files (x86)\Bigfix Enterprise\BES Installers. You can just run the BES Server setup manually to watch progress.
Just be aware that remote consoles may take a while to come relevant if you target to all computers. The fixlet can take care of the console on the server machine but remote ones will only come relevant when the client on the machine notices the server has upgraded as the console version must match the server version
This is my recommended method. I really prefer to be able to see what is going on. As mentioned, the update can take a while and makes me feel better seeing where it is
