Installing Additional Windows Servers (DSA)
Before proceeding with this section, determine your authentication method and complete the appropriate steps in Authenticating Additional Servers.
For each additional server that you want to add to your deployment, make sure it can communicate with the other servers, and then follow these steps:
- Download the BigFix Server installer having the same version as the one installed on the master server.
- Copy the
license.pvk
andmasthead.afxm
files from the master server to each computer where you intend to install an additional DSA Server. - Each DSA Server must have its own SQL Server database engine, either local or remote. Ensure that each server uses the same SQL Server version. Do not use the same database engine to store the databases of two different DSA servers. Each DSA Server must be able to access its own database engine and also the database engines of the other DSA Servers.
- Use the same authentication method to access all the SQL Server database engines, either Windows authentication or SQL Server authentication. If you chose the Windows authentication method, use the same domain user to access all your database engines. If you chose the SQL Server authentication method, use the same user name and password. Ensure that your database user has sysadmin privileges on all database engines.
- If you are extracting the server installer from the Installation Generator, select
Production Deployment, and I want to install with an existing
masthead. Specify the
masthead.afxm
file from the master server. - On the dialog of the server installer, choose a combination of components that includes the BigFix Server. Do not install the WebUI component on the secondary DSA servers.
- On the Select Database Replication dialog of the server installer, select Replicated Database.
- On the Select Database dialog, select Local
Database to host the server's own database locally (typical for most applications).
When choosing this option, the user that is installing the server will be used to access the
server's own database through Windows authentication.Note: You can also select a remote database hosted on a different computer. In this case ensure that the computer you are installing BigFix on can resolve the hostname of the remote server where the database resides. For additional information see Installing a server with remote database.
- Proceed through the installation dialogs until the Database Connection dialog. Enter the hostname or IP address of the computer hosting the database of your primary server, and the credentials of an account with db_owner permissions on the BFEnterprise database.
- The BigFix Administration Tool displays a pop-up dialog containing an error message in red, which describes a failed connection to the database that the server is trying to replicate from. Ignore this error message and click OK.
- If you select the check box Run the BigFix Diagnostic Tool on the last installation dialog, after you click Finish, the BigFix Server Diagnostics displays a pop-up dialog containing several test failures. Ignore this dialog and click Close.
- On the master server, run the resign security data command by using the BigFix Administration tool.
.\BESAdmin.exe /resignsecuritydata
For additional information on the command, see BESAdmin Windows Command Line.
- Verify that the other servers have been replicated.
Post installation steps
- Depending on the authentication method used to access the SQL Server database engine:
- If you are using Windows Authentication, ensure that the user running the FillDB service on all DSA servers of your environement is the same Windows domain user. This user must have access to all database engines used by your DSA servers. If needed, change the Log On settings of the FillDB service on all your DSA servers accordingly and then restart the service.
- If you are using SQL Authentication, stop the FillDB service on all your DSA servers,
open the registry key
HKLM\Software\Wow6432Node\BigFix\Enterprise Server\FillDB
and add the following string values to all your DSA servers:
and restart the FillDB service.ReplicationDatabase = BFEnterprise ReplicationUser = <login name> ReplicationPassword = <password>
- On the newly-installed server, run the BigFix Administration Tool and select the
Replication tab to see the current list of servers and their
replication periods. Select the newly-installed server from the pull-down menu, and verify in
the list below that it is successfully connected to the primary server. Then select the
primary server in the server drop-down, and verify that it is correctly connected to the new
server. You might need to wait for the next replication period before both servers show a
successful connection.Note: The initial replication can take several minutes to hours, depending on the size of your database. Wait for the replication to complete before taking any actions from a console connected to the secondary DSA server. Moreover, the replication process might get interrupted. If you experience this problem, you can discuss it with your HCL Software Support.
- The replication server window shows you the server configuration for your current deployment. By default, your newly-installed server is configured to replicate directly from the primary server's database every 5 minutes. This time interval can be changed to a bigger value.