Setting up LDAPS authentication

Many different device enrollment options are available with BigFix MDM. One of the options is to configure Secure Lightweight Directory Access Protocol (LDAPS) authentication for Over-the-Air (OTA) enrollment. This restricts enrollment with your MDM server to authorized users only. With MCM for BigFix 10, Administrators can manage Windows and Apple® devices by authenticating the device users with LDAPS authentication.

For other device enrollment options, see Device Enrollment.

Setting up LDAPS

BigFix Administrators use LDAPS authentication to verify user credentials before the devices can enroll with the BigFix MDM Server.
The following prerequisites must be met for the devices to connect to the Microsoft Active Directory Server (MSAD) or LDAP server:
  • An LDAPS URL
  • The Base Distinguished Name (base DN)
  • The Bind Distinguished Name (bind DN)
  • The bind password

These parameters are defined in Fixlets. For details about how to set up and configure an MDM server with Fixlets, see Installing MDM server. For more details about LDAPS settings, see LDAPS parameters.
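
The four values listed above can be checked for common mistakes before they are entered in the Fixlet. The following is an added example, not BigFix code: the function names are hypothetical, the DN parsing is a simplified form of RFC 4514, and the sample values used with it are constructed.

```python
import re
import socket
import ssl
from urllib.parse import urlsplit

# One RDN such as "OU=Service Accounts"; backslash-escaped characters are allowed.
_RDN = re.compile(r'^[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^\\,+"<>;=])+$')


def split_dn(dn):
    """Split a DN on unescaped commas (simplified: no multi-valued RDNs)."""
    return [part.strip() for part in re.split(r'(?<!\\),', dn)]


def check_params(url, base_dn, bind_dn, bind_password):
    """Return a list of problems found in the four values; empty means none."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme.lower() != "ldaps":
        problems.append("URL scheme is not ldaps://, so the bind password is not protected by TLS")
    if not parts.hostname:
        problems.append("URL has no host name")
    for label, dn in (("base DN", base_dn), ("bind DN", bind_dn)):
        if not dn or not all(_RDN.match(rdn) for rdn in split_dn(dn)):
            problems.append(f"{label} is not a well-formed distinguished name")
    if not bind_password:
        problems.append("bind password is empty (a simple bind would be unauthenticated)")
    elif bind_password != bind_password.strip():
        problems.append("bind password has leading or trailing whitespace")
    return problems


def endpoint(url):
    """Host and port that will be contacted; LDAPS defaults to TCP 636."""
    parts = urlsplit(url)
    return parts.hostname, parts.port or 636


def tls_handshake_ok(url, timeout=5):
    """Online check: does the directory present a certificate this host trusts?"""
    host, port = endpoint(url)
    context = ssl.create_default_context()  # verifies the chain and the host name
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=host):
                return True
    except OSError:  # includes ssl.SSLError and certificate failures
        return False
```

`check_params` runs offline; `tls_handshake_ok` needs network access to the directory server and uses the trust store of the machine it runs on, which may differ from the MDM server's.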