Installing the Server with MS SQL
Starting from Patch 1, BigFix Server on Linux Red Hat 9 supports Microsoft SQL Server 2019 and 2022 (Enterprise and Standard are recommended). Only the SQL Authentication is supported. DSA environments are not supported on the BigFix Linux Server with Microsoft SQL database.
Starting from Patch 2, BigFix Server on Windows Server (2019 or later) and on Linux Red Hat 9 systems supports Google Cloud SQL for Microsoft SQL Server 2022 database. Only the SQL Authentication is supported. DSA configurations are not supported with Google Cloud SQL for Microsoft SQL Server 2022 database.
Before running the installation, to ensure you have all the prerequisites, see Server requirements.
Note: The installation program installs all prerequisites using Yum. For information about how to
configure Yum and Yum repositories, see Configuring Yum and Yum
Repositories.
To install the BigFix Server in your production environment, perform the following steps:
- From the shell where you extract the server package, move to the installation directory,
ServerInstaller_ms_11.0.xxx-rhe7.x86_64and enter the following command:
If you want to generate a response file for future unattended installations, add the -g option followed by the path where to store the response file, as follows:./install.sh./install.sh -g response.txt - To install the Production, enter
2.Note: If you enter1to run the evaluation installation, consider that this type of installation does not support the enhanced security option. For more information about this feature, see Security Configuration Scenarios. - After reading the License Agreement, enter
1to accept it and continue. - Select
1if you want to install all the components. - To use a local database, enter
1:
The local database name of BigFix server isSelect the database: [1] Use a local database [2] Use a remote database Choose one of the options above or press <Enter> to accept the default value: [1]BFEnterprise. The local database name of Web Reports isBESReporting. - Enter the location where the downloaded files for the Clients are
stored:
Choose the server's root folder: Specify the location for the server's root folder or press <Enter> to accept the default value: /var/opt/BESServer - Enter the location where Web Reports stores its
files:
Choose the Web Reports server's root folder: Specify the location for the Web Reports server's root folder or press <Enter> to accept the default value: /var/opt/BESWebReportsServer - Enter the Web Reports HTTPS port
number:
Choose the Web Reports server's port number: Specify the port number or press <Enter> to accept the default value: 8083 - Enter the WebUI HTTPS port
number:
Specify the port number or press <Enter> to accept the default value: 443 - Enter the WebUI HTTP redirect port
number:
Specify the port number or press <Enter> to accept the default value: 80 - Enter the local SQL Server administrative
user:
Specify the user name of the local SQL Server instance owner that you want to use or press <Enter> to accept the default value: sa - Enter the local SQL Server administrative user
password:
Specify the password of the local SQL Server administrative user: Enter the password again for verification: - Enter the name of the BigFix
administrative user.
Create the initial administrative user: Specify the Username for the new user or press <Enter> to accept the default value: BFAdmin - Enter the password of the BigFix administrative
user.
Create the initial administrative user: Specify the password for the new user: - If the local firewall is running, the installation program allows you to configure
it automatically.
Firewall configuration The firewall of the operating system is active on the local server. To enable the communication using the specified ports you can: [1] Configure the firewall now [2] Configure the firewall later Choose one of the options above or press <Enter> to accept the default value: [2]Note: If you run the installation on a RHEL 7 system, you might be using firewalld instead of iptables for managing the firewall. In this case you have to configure the firewall rules manually as a post-installation step. - To run the installation using a BES license authorization file, enter
1.Choose the setup type that best suits your needs: [1] I want to install with a BES license authorization file [2] I want to install with a production license that I already have [3] I want to install with an existing masthead Choose one of the options above or press <Enter> to accept the default value: [1]Note: If you already ran a first installation, or part of it, you can specify option2or3, to install with an existing production license (license.crt, license.pvk) or an existing masthead (masthead.afxm). - Specify if you want to connect to the internet through a
proxy.
Proxy usage [1] Use the proxy to access the internet [2] Do not use the proxy Choose one of the options above or press <Enter> to accept the default value: [2]Note: If you chose to use a proxy, before moving to the next step, perform the steps described in Configuring the proxy. - If you chose to install with a BES license authorization file, specify its location.
- Specify the DNS name or IP address of the computer where you are installing the server. This name is saved in your license and will be used by clients to identify the BigFix server. It cannot be changed after a license is created.
- If you chose to install with a BES license authorization file, specify the password
to be used to encrypt the Site Admin Private Key file that will be
generated.
Site admin private key password: Specify the related site admin private key password: - Specify the size in bits of the key to be used to encrypt the HTTPS
traffic.
Key Size Level Provide the key size that you want to use: [1] 'Min' Level (2048 bits) [2] 'Max' Level (4096 bits) Choose one of the options above or press <Enter> to accept the default: [2] - Choose the folder where the installation will save the generated files:
license.crt,license.pvkandmasthead.afxm.Choose License Folder: Specify a folder for your private key (license.pvk), license certificate (license.crt), and site masthead (masthead.afxm) or press <Enter> to accept the default: ./license - Decide how to send your activation request to HCL. If your
computer is connected to the Internet, you can submit it now by entering
1. If you choose1, move to the next installation step.If you choose
2, see Submitting the license request. - If you chose to install with a production license that you already had, specify the following:
- The location of the license certificate file.
- The location of the Site Admin Private Key file.
- The Site Admin Private Key password.
- Specify the encoding used to store the
content:
Specify the value of the encoding that will be used for the content (FXF Encoding) [1] Thai - [874] [2] Japanese - [932] [3] Chinese (simplified) - [936] [4] Korean - [949] [5] Chinese (traditional) - [950] [6] Central European languages ( Latin 2 ) - [1250] [7] Cyrillic - [1251] [8] Western European languages ( Latin 1 ) - [1252] [9] Greek - [1253] [10] Turkish - [1254] [11] Hebrew - [1255] [12] Arabic - [1256] [13] Baltic - [1257] [14] Vietnamese - [1258] Choose one of the options above or press <Enter> to accept the default value: [8] - Choose
1to accept the default masthead values or2to customize them.If you decide to use custom values, see Customizing the masthead parameters.
- Case 1: If you chose to install using a BES license authorization file, the
following messages confirm that your license request was successfully
processed:
Case 2 If you chose to install with a production license that you already had, specify the folder where the license files will be saved.Info: The license authorization file was successfully processed. Info: The license authorization file can be used only once. It was renamed to ./license/LicenseAuthorization.BESLicenseAuthorization.used_20180801 to indicate that it has already been used. Info: If you want to run the installation again, start from the just-generated ./license/license.crt and ./license/license.pvk
Case 3 If you chose to install with an existing masthead file, specify the following:Choose the license folder: Specify a folder for your site masthead (masthead.afxm) or press <Enter> to accept the default value: ./license- The location of the Site Admin Private Key file.
- The Site Admin Private Key password.
- The location of the deployment masthead file.
- Specify whether the Web Reports service will be run by the root user or not.
Use root user for Web Reports If you specify true, Web Reports service will run with root privileges. [1] True [2] False Choose one of the options above or press <Enter> to accept the default value: [2] - If you chose to run the Web Reports service with a user different from root, specify
the name of an existing user.
Web Reports non-root user name Specify the name of the non-root user for Web Reports (the user must already exists). - Specify the local SQL Server port
number.
SQL Server named instances are only supported by specifying the related TCP port number, so for a named instance to be used with the BigFix Server it is recommended to set the TCP port as static.Specify the local SQL Server port number or press <Enter> to accept the default value: 1433
The BigFix Server installation is
now complete. You can now install the BigFix Console on a Windows™ system and log in with the account you
created during the installation of the server. The default BigFix administrative user is
BFAdmin.
You can find the installation log BESinstall.log and the
BESAdmin command line traces BESAdminDebugOut.txt
in the /var/log folder.