Silent installation

To run a silent installation enter the following command:

./install.sh -f response_file -opt keyword=value
where:
response_file
Is the file containing the keywords to install the product.
keyword=value
Is the keyword and the value of the response file you want to override.

Use the silent mode to install the BigFix server or to run problem determination on a failed installation.

Note: In the response file you can specify a subset of keywords, such as the keywords common to different systems. The missing or invalid keywords are requested by the installation program. The silent installation runs in unattended way only if all the required keywords are specified in the response file.

You can create a response file during an installation by redirecting the installation parameters in a response file using the following command:

./install.sh -g response_file
This is an example of response file for a production server installation:
##BigFix GENERATED RESPONSE FILE
BES_PREREQ_INSTALL="install"
IS_EVALUATION="false"
LA_ACCEPT="true"
COMPONENT_SRV="true"
COMPONENT_WR="true"
COMPONENT_WEBUI="true"
SINGLE_DATABASE="true"
LOCAL_DATABASE="true"
BES_WWW_FOLDER="/var/opt/BESServer"
WR_WWW_FOLDER="/var/opt/BESWebReportsServer"
WR_WWW_PORT="8083"
WEBUI_PORT="443"
WEBUI_REDIRECT_PORT="80"
INSTALL_DB2="yes"
DB2_INSTANCE_NAME="db2inst1"
DB2_DAS_USERNAME="dasusr1"
DB2_FENCED_USERNAME="db2fenc1"
DB2_INSTALL_DIR="/opt/ibm/db2/V11.5"
DB2_PORT="50000"
DB2_USERS_PWD="P@$$w0rd1"
TEM_USER_NAME="MyAdmin"
TEM_USER_PWD="P@$$w0rd1"
CONF_FIREWALL="yes"
BES_SETUP_TYPE="prodlic"
USE_PROXY="true"
PROXY_HOST="PROXYHOST.mydomain.com"
PROXY_PORT="3128"
ADV_PROXY_DEFAULT="false"
PROXY_USER="hans"
PROXY_PWD="P@$$w0rd1"
PROXY_METH="basic"
PROXY_EXLIST="localhost,127.0.0.1"
PROXY_SECTUNNEL="false"
PROXY_DOWN="false"
TEST_PROXY="nofips"
BES_CERT_FILE="/TEM/license.crt"
BES_LICENSE_PVK="/TEM/license.pvk"
BES_LICENSE_PVK_PWD="P@$$w0rd1"
ENCODE_VALUE="1252"
ADV_MASTHEAD_DEFAULT="false"
BES_SERVER_PORT="52311"
ENABLE_FIPS="true"
BES_GATHER_INTERVAL="5"
INITIAL_LOCK="2"
LOCK_CONTROLLER="0"
ENABLE_LOCK_EXEMPT="false"
ENABLE_ARCHIVE_UTF8="true"
BES_LIC_FOLDER="./license"
WR_USEROOT="false"
WR_NONROOT_USER_NAME="MyNoAdmin"
This is an example of response file for an evaluation server installation:
##BIGFIX GENERATED RESPONSE FILE
LA_ACCEPT="true"
IS_EVALUATION="true"
CREDENTIAL_USER_FIRSTNAME="John"
CREDENTIAL_USER_LASTNAME="Smith"
CREDENTIAL_EMAIL="john.smith@mydomain.com"
CREDENTIAL_ORG="HCL US"
SRV_DNS_NAME="DNSHOST.mydomain.com"
BES_SERVER_PORT="52311"
WR_WWW_PORT="8080"
CONF_FIREWALL="no"
DB2_INSTANCE_NAME="db2inst1"
DB2_ADMIN_USER="db2inst1"
DB2_ADMIN_PWD="P@$$w0rd1"
DB2_PORT="50000"
BES_LIC_FOLDER="/opt/iemlic"
PVK_KEY_SIZE="max"
ENCODE_VALUE="1252"
USE_PROXY="true"
ADV_PROXY_DEFAULT="false"
PROXY_USER="none"
PROXY_HOST="PROXYHOST.mydomain.com"
PROXY_PORT="3128"
TEST_PROXY="nofips"
WEBUI_PORT="443"
WEBUI_REDIRECT_PORT="80"
where:
Table 1. Response file keywords

Keyword Values
LA_ACCEPT Accepts the License Agreement:
  • true to accept and continue
  • false to exit the installation
IS_PREREQ_CHECK Available values are:
  • true
  • false
IS_EVALUATION Specifies the type of installation:
  • true to run an evaluation installation
  • false to run a production installation
Note: The evaluation installation does not support the enhanced security option. For more information about this feature, see Security Configuration Scenarios.
CREDENTIAL_USER Specifies the user name. An example is: John Smith.
Note: Valid in the evaluation installation only
CREDENTIAL_USER_FIRSTNAME Specifies the user first name. An example is: John.
Note: Valid in the evaluation installation only
CREDENTIAL_USER_LASTNAME Specifies the user last name. An example is: Smith.
Note: Valid in the evaluation installation only
CREDENTIAL_EMAIL Specifies the user email address. An example is: john.smith@us.ibm.com.
Note: Valid in the evaluation installation only
CREDENTIAL_ORG Specifies the user's organization. An example is: HCL US.
Note: Valid in the evaluation installation only
COMPONENT_SRV Specifies to install the BigFix server component:
  • true to install the server and client
  • false to not install the server and the client
COMPONENT_WR Specifies to install the BigFix Web Reports component:
  • true to install Web Reports
  • false to not install Web Reports
COMPONENT_WEBUI Specifies to install the BigFix WebUI component:
  • true to install the WebUI
  • false to not install the WebUI
SINGLE_DATABASE Creates a master database for later replication or if you only need a single database in your deployment.
  • true to create a single database
  • false to create a replicated database
LOCAL_DATABASE Uses a local or remote database:
  • true to use a local database
  • false to use a remote database through a DB2 client
DB2_ADMIN_USER Specifies the user name of the local DB2 Administrative user. Only if DB2 is already installed.
DB2_ADMIN_PWD Specifies the password of the local DB2 Administrative user. Only if DB2 is already installed.
DB2INST_CONFIGURE Configures the database during the BigFix installation:
  • yes to configure the DB2
  • no to not configure the DB2
Only if DB2 is already installed.
BES_WWW_FOLDER Specifies the installation folder of the BigFix server. The default value is /var/opt/BESServer.
WR_WWW_FOLDER Specifies the installation folder of Web Reports. The default value is /var/opt/BESWebReportsServer.
WR_WWW_PORT Specifies the Web Reports port number.

The default value is 8083 if you are installing BigFix Version 9.5.2 and the configuration is HTTPS.

The default value is 8080 if you are installing BigFix Version 9.5 and the configuration is HTTP.

WR_USEROOT Specifies if the Web Reports service runs as root:
  • true to run the service as root
  • false to run the service with an user different from root
WR_NONROOT_USER_NAME Specifies the user with which the Web Reports service runs.
INSTALL_DB2 Installs DB2 together with the BigFix server:
  • yes to install DB2
  • no to not install DB2
DB2_INSTANCE_NAME Specifies the name of the BigFix database instance. The default value is db2inst1.
Note: Starting from BigFix V9.5, you can install the product on a dedicated DB2 instance with a name different from the DB2 user name. Ensure that the DB2 instance name used to install the BES Root Server cannot contain the following special characters: blanks, tabs \t, returns \n and ; & | " ' < >
DB2_DAS_USERNAME Specifies the username of the account under which the DB2 administration server (DAS) runs. The default value is dasusr1.
DB2_FENCED_USERNAME Specifies the user name of the account used to run user defined functions (UDFs) and stored procedures outside of the address space used by the DB2 database. The default user is db2fenc1.
DB2_INSTALL_DIR Specifies the directory where to install DB2. For example: /opt/ibm/db2/V10.5.
DB2_PORT Specifies the DB2 port. The default value is 50000.
BES_PREREQ_INSTALL Available values are:
  • ignore
  • install
  • exit
BES_PREREQ_DB2_INSTALL Available values are:
  • ignore
  • install
  • exit
DB2_SETUP_FILE Specifies the setup file to install DB2. For example: ../server_r/db2setup.
DB2_USERS_PWD Specifies the DB2 user password.
TEM_USER_NAME Specifies the BigFix user ID to define the initial administrative user. The default value is IEMAdmin.
Note: Valid in the production installation only. In the evaluation installation the default user is EvaluationUser and the password is the password of the DB2 instance user.
TEM_USER_PWD Specifies the password to define the initial administrative user.
Note: Valid in the production installation only. In the evaluation installation the default user is EvaluationUser and the password is the password of the DB2 instance user.
CONF_FIREWALL Configures the firewall to enable the BigFix server or relay to connect to the Internet:
  • yes to set the firewall configuration
  • no not to set the firewall configuration
BES_SETUP_TYPE Specifies the type of setup to run:
  • authfile to install with a BES license authorization file
  • prodlic to install with a Production license that is already available
  • masthead to install with an existing masthead
BES_AUTH_FILE Specifies the path of the authorization file. An example of path is: /opt/iemlic/LicenseAuthorization.BESLicenseAuthorization.
SRV_DNS_NAME Specify the DNS name or IP address of the machine on which to install the server. This name is saved in your license and will be used by clients to identify the BigFix server. It cannot be changed after a license is created.
BES_LICENSE_PVK_PWD Specifies the password of the license.pvk file.
ENCODE_VALUE Specifies the deployment encoding to use when communicating with the infrastructure. The default value is 1252.
PVK_KEY_SIZE Specifies the size in bits of the public key (license.crt):
min
Corresponds to 2048 bits.
max
Corresponds to 4096 bits. This is the default value.
BES_LIC_FOLDER Specifies the License folder where the installation generates and saves license.crt, license.pvk and masthead.afxm. An example of License folder is /tmp/ServerInstaller_9.5-rhel/offlic.
SUBMIT_LIC_REQUEST Submits the request to HCL for getting the license certificate:
  • yes to submit a request from this machine over the Internet for a license certificate (license.crt) and saved in your credential folder.
  • no to save the request to a file and manually submit it to HCL (http://support.bigfix.com/bes/forms/BESLicenseRequestHandler.html). This method might be necessary if your deployment is isolated from the public Internet.
USE_PROXY Specifies a proxy connection to enable the BigFix server to connect to the Internet during the installation:
  • true to set the proxy.
  • false to not set the proxy.
PROXY_USER Specifies the user of the proxy. If the proxy does not require authentication, you must set PROXY_USER to NONE.
PROXY_PWD Specifies the password of the proxy user.
PROXY_HOST Specifies the hostname of the computer where the proxy is running.
PROXY_PORT Specifies the port of the computer where the proxy is running.
ADV_PROXY_DEFAULT Accepts the default proxy configuration settings:
  • true to use the default values
  • false to use custom values.
PROXY_METH Restricts the set of authentication methods that can be used. You can specify more than one method separated by a comma. Available methods are:
  • basic
  • digest
  • negotiate
  • ntlm
By default the proxy chooses the authentication method to use.
PROXY_EXLIST Specifies a comma-separated list of computers, domains, and subnetworks that must be reached without passing through the proxy. For information about the syntax to use, see Setting a proxy connection on the server.
PROXY_SECTUNNEL Specifies whether or not the proxy is enforced to attempt tunneling. Available values are:
  • true to enable proxy tunneling.
  • false to not enable proxy tunneling.
PROXY_DOWN Specifies if all HTTP communications in your BigFix environment, including downstream communications, pass through the proxy. Available values are:
  • true
  • false
TEST_PROXY Specifies if and how the connection to the proxy must tested. This is an optional step. Available values are:
  • nofips to test the connection without using FIPS.
  • fips to test the connection using FIPS.
  • no to not test the connection.
BES_MASTHEAD_FILE Specifies the path to the masthead file.
BES_CERT_FILE Specifies the path to the license certification file.
BES_LICENSE_PVK Specifies the path to the private key file.
ADV_MASTHEAD_DEFAULT Specifies whether or not to accepts the default masthead settings. Available values are:
  • true to use the default values
  • false to use custom values.
BES_SERVER_PORT Specifies the number of the server port. The default value is: 52311.
ENABLE_FIPS Specifies whether or not to enable FIPS 140-2 compliant cryptography. Available values are:
  • true to enable FIPS.
  • false to not enable FIPS.
BES_GATHER_INTERVAL Specifies how long the clients wait without hearing from the server before they check whether new content is available. Available values are:
  • 0 for fifteen minutes.
  • 1 for half an hour.
  • 2 for one hour.
  • 3 for eight hours.
  • 4 for half a day.
  • 5 for one day.
  • 6 for two days.
  • 7 for one week.
  • 8 for two weeks.
  • 9 for one month.
  • 10 for two months.
INITIAL_LOCK Specifies the initial lock state of all clients after installation. Locked clients report which Fixlet messages are relevant for them, but do not apply any actions. The default is to leave them unlocked. Available values are:
  • 0
  • 1
  • 2
LOCK_CONTROLLER Specifies who can change the action lock state. Available values are:
  • 0 to allow any Console operator with management rights to change the lock state of any client in the network. This is the default value.
  • 1 to delegate control over locking to the end user.
  • 2
LOCK_DURATION Specifies the number of minutes that the clients must be locked.
ENABLE_LOCK_EXEMPT Specifies if specific URLs must be exempted from locking actions. Available values are:
  • true
  • false
EXCEPTION_URL Specifies the URL to except from locking actions. Use the following format 'http://domain'.
ENABLE_ARCHIVE_UTF8 Specifies the codepage used to write filenames in the BigFix archives. Available values are:
  • true to write filenames UTF-8 codepage.
  • false to not write filenames UTF-8 codepage.
IS_SILENT Forces the installation to end with a message if a required parameter is missing:
  • true to force the installation to end if a required parameter is missing.
  • false to prompt the user for the missing parameter.
If a parameter is missing the installation variable associated with the missing parameter is reported in the error message.
WEBUI_PORT Specifies the WebUI port number. The default value is 443.
WEBUI_REDIRECT_PORT Specifies the WebUI redirect port number. The default value is 80.