Using BigFix to run various OS native scripts OR Executing Different kind of native scripts using BigFix

BigFix is an endpoint management platform that enables organizations to manage endpoints effectively through collaboration between IT Operations and IT Security Teams. We support 100+ operating system versions, along with a large number of third-party applications. Sometimes, organizations may seek specific configuration changes in security, registry, or configuration files to enhance the environment's security and protect it from malicious actors.

?

These changes are typically requested by IT Security for Operating System teams. Subsequently, OS teams attempt to develop scripts in native languages like PowerShell, Batch, or Shell script to modify the NTP server, edit host file entries, or adjust the DNS server name to which the endpoint is pointing. These scenarios are just examples.

?

As a BigFix Admin, you may encounter challenges when creating Fixlets or Tasks to streamline the work of OS teams. We have provided some templates that can be used to execute native scripts, reducing the OS team's bandwidth utilization.

?

Example 1: Creating a task to execute a PowerShell script on Windows OS:

?

Open BigFix Console >> Create Fixlet and give it relevant name and description >> Mention the below script in Action tab and #Replace the script by your simple PowerShell command >> OK >> Test it >> Ready for deployment on the basis of success rate.

?

/// Disable wow64 redirection on x64 OSes

action uses wow64 redirection {not x64 of operating system}

delete __createfile

// CREATEFILE

createfile until END_OF_FILE

# REPLACE THE FOLLOWING WITH THE SCRIPT YOU WANT TO RUN ON THE ENDPOINT

get-help | Out-File "{(pathname of folder "__BESData\__Global\Logs" of parent folder of client)}\config_powershell.log"

END_OF_FILE

delete powershell.ps1

move __createfile powershell.ps1waithidden { pathname of file ((it as string) of value "Path" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" of native registry) } -ExecutionPolicy Bypass -File powershell.ps1

Example 2: Creating a task to execute a Batch script by using the BigFix:

Open BigFix Console >> Create Fixlet and give it relevant name and description >> Mention the below mention script in Action tab and replace the script by your simple PowerShell command >> OK >> Test it >> Ready for deployment on the basis of success rate.

// Create a temporary batch script using createfile

delete __createfile

createfile until END_OF_FILE

@echo off

echo Hello, this is your batch script!

REM Add your batch script commands here

END_OF_FILE

delete Script.bat

// Save the temporary file

move __createfile Script.bat

// Execute the batch script

waithidden cmd.exe /C Script.bat

Creating a task to execute a shell script by using the BigFix:

Open BigFix Console >> Create Fixlet and give it relevant name and description >> Mention the below script in Action tab and #Replace the script by your simple PowerShell command >> OK >> Test it >> Ready for deployment on the basis of success rate.

?// Create a temporary shell script using createfile

delete __createfile

createfile until END_OF_FILE

#!/bin/bash

echo "Hello, this is your shell script!"

# Add your shell script commands here

END_OF_FILE

?// Save the temporary file

move __createfile "/tmp/Script.sh"

?// Execute the shell script

wait chmod +x "/tmp/Script.sh"

wait /bin/sh "/tmp /Script.sh"

Above mentioned templates are the example to execute OS native scripts by using BigFix however BigFix is giving you more power to create your Tasks or Fixlets by using Apple script, Shell script and PowerShell without the Action Script.

Navigate to BigFix Console >> Tools >> ?Create Fixlet >> Actions >> Choose your favourite script from “Script type” drop down and start writing your Fixlet in some OS native language.

We encourage you to register free of cost for our upcoming learning classes and enhance your skill set by learning complete Endpoint Management using BigFix.

?

Thank you for taking the time to read the article. We would appreciate it if you could provide topics you would like to see in upcoming LinkedIn posts."