BigFix Agent deployment issues
The MCM Deploy Agent action fails because of an incorrect path in the MDM Server Analysis.
Problem
Unable to deploy BigFix Agent, even though the BigFix Installer is pre-staged in MDM server.
- While deploying BigFix Agent, the available packages list does not show the
latest packages.
- Getting a warning when trying to deploy the BigFix agent, even after
prestaging the BigFix Installer in MDM server.
Cause
Several issues may contribute to this problem:
- Incorrectly uninstalling an old, but now unwanted, MDM server leaves residual files, causing the analysis (if active on that server) to falsely detect the presence of the uninstalled MDM server.
- The
BESAgent Packages Available
analysis points to the incorrect directory - (/var/opt/BESUEM/packages
) instead of the subdirectory (/var/opt/BESUEM/packages/macOS
). - The WebUI is caching outdated information and not using the most recent analysis results.
- If multiple MDM servers are present, the WebUI retrieves the package from the first server in the list rather than from the latest analysis result.
Workaround
Placing the required files in the right directory and ensuring the WebUI correctly identifies and utilizes the latest BigFix agent packages can resolve the above issue. To do that complete the following steps:
-
Cleanup Residual Files:
Manually delete any residual files from the uninstallation of any old, unused MDM server setup, while keeping the current active MDM server setup intact:/var/opt/BESUEM/.env
/var/opt/BESUEM/apple
/var/opt/BESUEM/mac
-
Verify Analysis Configuration:
- For macOS deployments, manually copy any
.plist
and.pkg
files from/var/opt/BESUEM/packages
directory to the/var/opt/BESUEM/packages/macOS
subdirectory. - Ensure the analysis
Apple Modern Client Management MDM Servers
is correctly configured to point to/var/opt/BESUEM/packages/macOS
.
- For macOS deployments, manually copy any
-
Check Analysis Update:
- The analysis runs every 15 minutes. After placing the files in the correct directory, wait up to 15 minutes for the WebUI to update.
-
Verify WebUI Cache:
- Restart BESClient on the MDM Server to use the latest analysis results.
- Verify the WebUI health check at
to ensure all MDM servers show a green light and the associated analyses are activated.https://<webUI Host>/mdm/next/healthcheck
-
Ensure Consistent Package Pre-staging
- When pre-staging BES Agent installers, ensure all MDM servers have the same matching set of BES Agent packages.
- Verify that the WebUI is using the correct and most recent analysis results from all MDM servers, especially if multiple servers are involved.
Note: The above is a temporary fix. For a permanent solution,
BESUEM content update with enhanced analysis will be published soon.