Install BigFix MDM Service for Windows
Learn how to install BigFix MDM Service for Windows to provide MDM service on through WebUI.
Before you begin
- You must have the wnscredentials.json file ready to upload. For the work flow to create this file, see Generating WNS credentials.
- You must be a Master Operator to perform this task through WebUI
About this task
To install BigFix MDM Service for Windows:
- From the WebUI main page, select .
- On the Modern Client Management page, click Admin.
- On the Admin page, from the left navigation, under MDM
Servers, select Install.
- Select Target Device. Click Edit Devices and select an appropriate target to install the MDM server on.
- Server Install Type: For Select OS, select Windows to manage Windows devices.
- Install Parameters:
- Organization Name: Enter a string. While enrolling a device, the organization name entered here is displayed to the end users.
- User Facing Hostname: For over the air enrolls, this is the hostname of the server where users can visit to enroll in MDM. The value must be a valid URL. For example, mdmserver.deploy.bigfix.com.
- LDAP parameters: This is used for authorization to enroll users for MDM over
the air. This limits enrollment to your MDM server to authorized users only.
Omitting all LDAP parameters disables the need for LDAP authentication to
enroll for MDM.
- Enable LDAP Auth: Select this check box only
if you want to enable LDAP Authentication. Note: For over the air enrollments, select this check box to ensure that the incoming enrollment requests are from authorized users. If LDAP auth is not enabled, any user who has access to the MDM enrollment URL can get enrolled into MDM.
- LDAP URL: Valid format is https://<server>:<port>. For more information on LDAP URL formats, see https://ldap.com/ldap-urls/
- LDAP Base DN: Valid format "dc=example,dc=org"Note: Configuring multiple Base DNs is not supported.
- LDAP Bind User: The root point to bind to the server. For example, DC=mydomain,DC=mycompany,DC=com. "user@example.org"
- LDAP Bind Password: Enter a string.
- Enable LDAP Auth: Select this check box only
if you want to enable LDAP Authentication.
- TLS Credentials: Upload the MDM Server TLS certificate and
key files.
- TLS Key Password: Enter a string to set TLS key password.
- TLS Certificate: Click Upload File and browse through the location to select the TLS .crt file.
- TLS Key: Click Upload File and browse through the location to select the TLS .key file.
- MDM Server Authentication Certificate and Key Content:
Upload the MDM Server authentication certificate and key files.
- For Certificate Authority, click Upload File and browse through the file location to select the ca.cert.pem file.
- For MDM Server Certificate, click Upload File and browse through the file location to select the server.cert.pem file.
- For MDM Server Key, click Upload File and browse through the file location to select the server.key file.
- WNS Credentials: This field appears when you select
Windows as the operating system. Click Upload File and browse through the
file location to select the wnscredentials.json
file.Tip: For more information on how to generate wnscredentials.json file, see Generating WNS credentials.
- Click Install.
Results: This action completes these activities:
- Downloads a set of docker images from software.bigfix.com which is needed for the MDM installation.
- Installs the services and certificates including the Plugin certificates and the TLS certificate on which the server runs.
- Applies all required configurations.