Inventory Beacon Getting Hits
We have an issue where a child Beacon for gathering inventory from AD environment. The AD Team stated that they are getting over 100000 hits on their inventory beacon from unknown sources. So to avoid this they shut down the beacon server and we removed the child beacon from Beacon_MT table in compliance db. Now after doing both the steps the AD team says they are getting huge hits on their side as observed on their firewall.
We need assistance in knowing why this is happening and how we can fix this.
But Flexera is asking to remove the registry and try. but we have some 60K devices having issues.
Please suggest how this beacon policy issue can be updated so that this inventory issues will resolve.
To add to this, the beacon in question is no longer within the failover package, so it is not been added via policy download. The policy is not removing the entry from these agents. which can be caused by one of the following:
1) If somebody has configured the settings under a GUID through some other mechanism (i.e. not by installing a failover settings package).
2) If somebody has modified the installation agent cache (e.g. uninstalled the agent, deleted cached files, but left registry settings configured).
What they need is a way to remove this entry from the registry by means of GPO or powershell.
What do you mean by "hit" here? I'm assuming a "hit" is an HTTP request, but if that assumption is wrong then the following comments may be off the mark.
Based on @mcavanagh's notes, it sounds like you have many devices that are currently configured to attempt to communicate with this beacon. I understand you want to update their configuration so they no longer communicate with the beacon.
Some ideas of things to check would be:
- Review agent logs to ensure the agents are successfully updating policy and failover settings details. The agents will be failing to get updates and be effectively orphaned if they don't have details of any other reachable beacons configured.
In that case, you'll have to take some action to re-bootstrap the configuration of these agents. For example, executing a policy update by running a command line like the following with local administrator rights may help:
"c:\Program Files (x86)\ManageSoft\Policy Client\mgspolicy.exe" -t Machine -o DownloadRootURL=http://your-beacon/ManageSoftDL -o UILevel=Auto
- Ensure the failover settings package the agents are downloading no longer contains any reference to the removed beacon. You can get the URL of the failover settings .ndc file from an installation agent launcher.log file - put the URL into a web browser to download and save the .ndc file that you can then inspect in a text editor.
- If the agent configuration settings on a computer continue to contain references to a beacon after installing a failover settings package that does not refer to the beacon then that would suggest the settings were applied at some point in the past in a way that will stop them being automatically removed by the agent - somebody did something (either intentionally or unintentionally) which effectively said you will take responsibility for managing updates to these settings moving forward, and don't want the agent to mange updates automatically.
Beacon details used by the agent are configured under the HKLM\SOFTWARE\WOW6432\ManageSoft Corp\ManageSoft\CurrentVersion\DownloadSettings and UpoadSettings registry keys. You can remove details of any beacons that appear under there that you don't want to be used any longer. Obviously with 60,000 devices you would be needing to automate this in some way - but I'm not sure the agent itself will help you with that if somebody has previously taken an action that has left the agent in a state where it is not continuing to manage these settings.
I want to know the details where this Beacon policy will be available in the server. Please provide me the Path.
how this policy is connected with server or agent. Please help me on this.
Beacon policy settings are held in the file C:\ProgramData\Flexera Software\Beacon\BeaconPolicy.xml on each beacon.
Or if you wondering about agent policy and failover settings that apply on client computers, you will find these details are dynamically generated upon request within IIS on each beacon. You should inspect installation agent log files to get actual URLs used to retrieve these details; the URLs will look like the following:
- http://your-beacon/ManageSoftDL/ClientSettings/Default Failover Settings 409A3F8F826DA980A750249E2B11A3FE/Default Failover Settings.osd