Installing the Server
Before running the installation, to ensure you have all the prerequisites, see Server requirements.
To install the BigFix Server in your production environment, perform the following steps:
- From the shell where you extract the server package, move to the installation directory,
ServerInstaller_9.5.xxx-rhe6.x86_64
and enter the following command:
If you want to generate a response file for future unattended installations, add the -g option followed by the path where to store the response file, as follows:./install.sh
./install.sh -g response.txt
- To install the Production, enter
2
:Select the type of installation [1] Evaluation: Request a free evaluation license from HCL. This license allows you to install a fully functional copy of the BigFix on up to 1000 clients, for a period of 30 days. [2] Production: Install using a production license or an authorization for a production license. Choose one of the options above or press <Enter> to accept the default value: [1]
Note: If you enter1
to run the evaluation installation, consider that this type of installation does not support the enhanced security option. For more information about this feature, see Security Configuration Scenarios. - After reading the License Agreement, enter
1
to accept it and continue. - Select
1
if you want to install all the components:Select the BigFix features that you want to install: [1] All components (server, client, Web Reports and WebUI) [2] Server and client only [3] Web Reports only [4] WebUI and client only [5] Server, WebUI and client only [6] Web Reports, WebUI and client only [7] Server, Web Reports and client only Choose one of the options above or press <Enter> to accept the default value: [1]
- Enter
1
to create a single database or a Master database for later replication. Enter2
if you want to create a replica of an existing master database. For additional information, see Using multiple servers (DSA).Select the database replication: [1] Single or master database [2] Replicated database Choose one of the options above or press <Enter> to accept the default value: [1]
- To use a local database, enter
1
:
The local database name of BigFix server isSelect the database: [1] Use a local database [2] Use a remote database Choose one of the options above or press <Enter> to accept the default value: [1]
BFENT
. The local database name of Web Reports isBESREPOR
. - Enter the location where the downloaded files for the Clients are
stored:
Choose the server's root folder: Specify the location for the server's root folder or press <Enter> to accept the default value: /var/opt/BESServer
- Enter the location where Web Reports stores its
files:
Choose the Web Reports server's root folder: Specify the location for the Web Reports server's root folder or press <Enter> to accept the default value: /var/opt/BESWebReportsServer
- Enter the Web Reports HTTPS port
number:
Choose the Web Reports server's port number: Specify the port number or press <Enter> to accept the default value: 8083
If you are installing BigFix Version 9.5, the default value is
8083
. If you are upgrading to BigFix Version 9.5, the default value is80
. - Enter the WebUI HTTPS port
number:
Specify the port number or press <Enter> to accept the default value: 443
- Enter the WebUI HTTP redirect port
number:
Specify the port number or press <Enter> to accept the default value: 80
- Specify the name of the local DB2 instance used by BigFix, or accept the default name:
Local DB2 instance name The DB2 instance used by the BigFix requires specific configuration for performance optimization. It is therefore suggested that you use a dedicated DB2 instance. Specify the name of the local DB2 instance that you want to use or press <Enter> to accept the default value: db2inst1
Note: The DB2 instance to be used is always the instance local to the system where you are installing the server. If you are performing an installation with a remote database, you must use the DB2 instance specified on the DB2 client and not the one specified on the remote DB2 server. - Enter the user name for the DB2 local administrative user. The default is
db2inst1
.DB2 local administrative user Specify the user name of the local DB2 instance owner that you want to use or press <Enter> to accept the default value: db2inst1
- Enter the DB2 local administrative user password.
DB2 local administrative user password: Specify the password of the local DB2 administrative user:
- Enter
1
to apply an optimized configuration to the DB2 instance or2
to skip the configuration.DB2 instance configuration The specified DB2 instance can be configured to optimize the BigFix performance. Be aware that the configuration settings will be applied to all databases that belong to the selected DB2 instance. [1] Configure the specified DB2 instance. [2] Skip the DB2 instance configuration. Choose one of the options above or press <Enter> to accept the default value: [1]
- Enter the name of the BigFix
administrative user.
Create the initial administrative user: Specify the Username for the new user or press <Enter> to accept the default value: IEMAdmin
- Enter the password of the BigFix
administrative
user.
Create the initial administrative user: Specify the password for the new user:
- If the local firewall is running, the installation program allows you to configure it
automatically.
Firewall configuration The firewall of the operating system is active on the local server. To enable the communication using the specified ports you can: [1] Configure the firewall now [2] Configure the firewall later Choose one of the options above or press <Enter> to accept the default value: [2]
Note: If you run the installation on a RHEL 7 system, you might be using firewalld instead of iptables for managing the firewall. In this case you have to configure the firewall rules manually as a post-installation step. - To run the installation using a BES license authorization file, enter
1
.Choose the setup type that best suits your needs: [1] I want to install with a BES license authorization file [2] I want to install with a production license that I already have [3] I want to install with an existing masthead Choose one of the options above or press <Enter> to accept the default value: [1]
Note: If you already ran a first installation, or part of it, you can specify option2
or3
, to install with an existing production license (license.crt, license.pvk
) or an existing masthead (masthead.afxm
). - Specify if you want to connect to the internet through a
proxy.
Proxy usage [1] Use the proxy to access the internet [2] Do not use the proxy Choose one of the options above or press <Enter> to accept the default value: [2]
Note: If you chose to use a proxy, before moving to the next step, perform the steps described in Configuring the proxy. - If you chose to install with a BES license authorization file, specify its
location:
License Authorization Location Enter the location of the license authorization file that you received from HCL or press <Enter> to accept the default: ./license/LicenseAuthorization.BESLicenseAuthorization
- Specify the DNS name or IP address of the computer where you are installing the server. This
name is saved in your license and will be used by clients to identify the BigFix server. It cannot be changed after a
license is
created.
This name is recorded into your license and will be used by Clients to identify the HCL BigFix Server. It cannot be changed after a license is created. Enter the DNS name of your HCL BigFix server or press <Enter> to accept the default value: 'HOSTNAME'
- If you chose to install with a BES license authorization file, specify the password to be used
to encrypt the Site Admin Private Key file that will be
generated.
Site admin private key password: Specify the related site admin private key password:
- Specify the size in bits of the key to be used to encrypt the HTTPS
traffic.
Key Size Level Provide the key size that you want to use: [1] 'Min' Level (2048 bits) [2] 'Max' Level (4096 bits) Choose one of the options above or press <Enter> to accept the default: [2]
- Choose the folder where the installation will save the generated files:
license.crt
,license.pvk
andmasthead.afxm
.Choose License Folder: Specify a folder for your private key (license.pvk), license certificate (license.crt), and site masthead (masthead.afxm) or press <Enter> to accept the default: ./license
- Decide how to send your activation request to HCL. If your computer is
connected to the Internet, you can submit it now by entering
1
.
If you chooseRequest license Your request is now ready for submission to HCl. [1] Submit the request from this machine over the Internet. The request is redeemed for a license certificate (license.crt) and then saved in your credential folder. [2] Save request to a file and send it to HCL at the URL: 'http://support.bigfix.com/bes/forms/BESLicenseRequestHandler.html'. This method might be necessary if your deployment is isolated from the public Internet. Choose one of the options above or press <Enter> to accept the default value: [1]
1
, move to the next installation step.If you choose
2
, see Submitting the license request. - If you chose to install with a production license that you already had, specify the following:
- The location of the license certificate file.
- The location of the Site Admin Private Key file.
- The Site Admin Private Key password.
- Specify the encoding used to store the
content:
Specify the value of the encoding that will be used for the content (FXF Encoding) [1] Thai - [874] [2] Japanese - [932] [3] Chinese (simplified) - [936] [4] Korean - [949] [5] Chinese (traditional) - [950] [6] Central European languages ( Latin 2 ) - [1250] [7] Cyrillic - [1251] [8] Western European languages ( Latin 1 ) - [1252] [9] Greek - [1253] [10] Turkish - [1254] [11] Hebrew - [1255] [12] Arabic - [1256] [13] Baltic - [1257] [14] Vietnamese - [1258] Choose one of the options above or press <Enter> to accept the default value: [8]
- Choose
1
to accept the default masthead values or2
to customize them:Advanced masthead parameters The masthead will be created using the following defaults: Server port number: 52311 Use of FIPS 140-2 compliant cryptography: Disabled Gather interval: One Day Initial action lock: Unlocked Action lock controller: Console Action lock exemptions: Disabled Unicode filenames in archives: Enabled The above default values are suitable for most of BigFix deployments. [1] Use default values [2] Use custom values Choose one of the options above or press <Enter> to accept the default value: [1]
If you decide to use custom values, see Customizing the masthead parameters.
- Case 1: If you chose to install using a BES license authorization file, the following
messages confirm that your license request was successfully
processed:
Case 2 If you chose to install with a production license that you already had, specify the folder where the license files will be saved.Info: The license authorization file was successfully processed. Info: The license authorization file can be used only once. It was renamed to ./license/LicenseAuthorization.BESLicenseAuthorization.used_20180801 to indicate that it has already been used. Info: If you want to run the installation again, start from the just-generated ./license/license.crt and ./license/license.pvk
Case 3 If you chose to install with an existing masthead file, specify the following:Choose the license folder: Specify a folder for your site masthead (masthead.afxm) or press <Enter> to accept the default value: ./license
- The location of the Site Admin Private Key file.
- The Site Admin Private Key password.
- The location of the deployment masthead file.
- Specify whether the Web Reports service will be run by the root user or not.
Use root user for Web Reports If you specify true, Web Reports service will run with root privileges. [1] True [2] False Choose one of the options above or press <Enter> to accept the default value: [2]
- If you chose to run the Web Reports service with a user different from root, specify the name of
an existing
user.
Web Reports non-root user name Specify the name of the non-root user for Web Reports (the user must already exists).
- Enter the port number for the DB2 connection to create the DB2
instance:
DB2 Connection: Specify the DB2 Port Number or press <Enter> to accept the default: 50000
The BigFix Server installation is now
complete. You can now install the BigFix
Console on a Windows™ system and log in with the account you
created during the installation of the server. The default BigFix administrative user is
IEMAdmin.
You can find the installation log BESinstall.log
and the
BESAdmin
command line traces BESAdminDebugOut.txt
in the
/var/log
folder.