Step 1. Initialize the PowerShell environment

Run the following script to align proxy settings, authentication credentials, and TLS versions with the beacon’s configuration. This prevents false negatives in later tests.

if ($PSVersionTable.PSEdition -ne "Desktop") {

    Write-Error "This script must be run in Windows PowerShell" -ErrorAction Stop

}


$beaconInstallPath = Get-ItemPropertyValue `

    -Path "HKLM:\SOFTWARE\WOW6432Node\ManageSoft Corp\ManageSoft" `

    -Name ETDPInstallDir


Add-Type -Path "$beaconInstallPath\DotNet\bin\Flexera.Beacon.Common.dll"

Add-Type -Path "$beaconInstallPath\DotNet\bin\Flexera.SaaS.Transport.dll"


$bc = New-Object Flexera.Beacon.Common.BeaconConfig


if ($bc::ProxySettingsProxyServerConnectionEnabled) {

    $proxy = [Flexera.SaaS.Transport.Core.ProxyHelper]::GetBeaconConfiguredProxy("http")

    Write-Output "Web proxy details:" $proxy

    [System.Net.WebRequest]::DefaultWebProxy = $proxy

} else {

    Write-Output "No proxy in use"

    [System.Net.WebRequest]::DefaultWebProxy = $null

}


$password = ConvertTo-SecureString $bc::BeaconServicesPassword -AsPlainText -Force

$cred = New-Object System.Management.Automation.PSCredential ($bc::BeaconServicesUserName, $password)


[Net.ServicePointManager]::SecurityProtocol =

    [System.Net.SecurityProtocolType]'Tls,Tls11,Tls12,Tls13'

This returns a structured WebResponseObject with status code, headers, and content. Use this to verify connectivity or diagnose errors. It’s ideal for quick, high-level verification that the parent server is reachable and responsive.

Step 2. Upload test using PowerShell

Checks whether a dummy .ndi file can be uploaded to the parent server. These commands test the process of making a connection to upload a dummy inventory NDI file to the beacon’s parent using the PowerShell Invoke-WebRequest cmdlet.

$ul = $bc::GetUploadLocationDetails()

$url = "$($ul._URL)$($ul._Directory)/Inventories/testing.ndi"

Write-Output "Testing upload using Invoke-WebRequest to $url"

Invoke-WebRequest $url -Credential $cred -Method PUT -Body "test-NDI-content"

Step 3. Upload test using curl.exe

Performs the same test with curl.exe, which may reveal different or more detailed errors. These commands test making a connection to upload a dummy inventory NDI file to the beacon’s parent using the curl.exe tool.

This is similar to testing using the PowerShell Invoke-WebRequest cmdlet, but sometimes testing using different approaches can help to identify issues that may be evident with one approach that are not evident with another approach. Using curl.exe may also be helpful for producing additional diagnostic information that the Invoke-WebRequest may not so easily provide.

$ul = $bc::GetUploadLocationDetails()

$url = "$($ul._URL)$($ul._Directory)/Inventories/testing.ndi"

$curlArgs = @("--verbose", "--request", "PUT", $url, "--data", "test-NDI-content")


if ($bc::BeaconServicesUserName) {

    $curlArgs += @("--user", "$($bc::BeaconServicesUserName):$($bc::BeaconServicesPassword)")

}

if ($bc::ProxySettingsProxyServerConnectionEnabled) {

    $curlArgs += @("--proxy", $proxy.Address)

    if ($proxy.Credentials) {

        $curlArgs += @("--proxy-user", "$($proxy.Credentials.UserName):$($proxy.Credentials.Password)")

    }

}


Write-Output "curl.exe $curlArgs"

curl.exe $curlArgs

Step 4. Policy download test using PowerShell

Verifies that the beacon can download its policy from the parent by making a connection to download beacon policy details from the beacon’s parent using the PowerShell Invoke-WebRequest cmdlet.

$url = "$($bc::BeaconServicesEndpoint)inventory-beacons/api/policy/?tenantUid=$($bc::TenantUID)"

Invoke-WebRequest $url -Credential $cred

This test can help to confirm that the beacon can successfully download its policy, verifying both authentication and endpoint accessibility.

Step 5. Policy download test using curl.exe

Same policy test, run with curl.exe for additional diagnostic output. These commands test making a connection to download beacon policy details from the beacon’s parent using the curl.exe tool.

$url = "$($bc::BeaconServicesEndpoint)inventory-beacons/api/policy/?tenantUid=$($bc::TenantUID)"

$curlArgs = @("--verbose", $url)


if ($bc::BeaconServicesUserName) {

    $curlArgs += @("--user", "$($bc::BeaconServicesUserName):$($bc::BeaconServicesPassword)")

}

if ($bc::ProxySettingsProxyServerConnectionEnabled) {

    $curlArgs += @("--proxy", $proxy.Address)

    if ($proxy.Credentials) {

        $curlArgs += @("--proxy-user", "$($proxy.Credentials.UserName):$($proxy.Credentials.Password)")

    }

}

Write-Output "curl.exe $curlArgs"

curl.exe $curlAr

Outcomes

• Successful test → confirms the parent server is reachable and responding.
• Failure → inspect the error details to identify whether the issue is related to proxy, firewall, certificate validation, or authentication.

Notes on curl.exe

• Windows Server 2019 / Windows 10 (1903+): curl.exe is included by default and uses the Windows certificate store.
• Older systems:
  1. Download curl for Windows.
  2. Add its path to your PATH environment variable (such as, C:\curl\bin).
  3. Verify with: curl.exe --version
• Optional: Configure TLS certificates for standalone curl.exe:

  1. Convert the CA certificate to PEM format.
  2. Append it to ca-bundle.crt:
     -----BEGIN CERTIFICATE-----
     MIID...==
     -----END CERTIFICATE-----
  3. Save the file.

Further troubleshooting

To assist with diagnosing beacon upload and download issues, use the attached PowerShell script, CloudBeaconTest.ps1. This tool automates key connectivity tests, helping to identify configuration or authentication problems. Run it with administrator privileges and share the output with Flexera Support for further analysis.