Disabling local operators on BigFix Console

Starting from BigFix Version 10.0.8, you can decide to disable the local operators from logging into the BigFix Console, to use LDAP operators instead.

For details about how to disable the local operators, see the securitysettings described in BESAdmin Windows Command Line and BESAdmin Linux Command Line.

After you disable the local operators, when a local operator attempts to log into the BigFix Console, the following error message is displayed by the Console: 
The login operation using a local operator is not allowed.

Furthermore, when you log in using an LDAP user and local operators are disabled, several menu items, buttons and forms will be greyed out in order to avoid accounting operations on both local operators or LDAP users. It will be still possible to associate LDAP groups with BigFix roles and to login with an LDAP user belonging to an LDAP group associated with a BigFix role.

The roles will be inherited according to the LDAP groups - BigFix roles association.

Under Tools, the following menu items will be greyed out:



In the Operators form contextual menu, the following items will be greyed out. The Remove button will still be enabled for the LDAP operators.



In the Operators form, after the selection of an operator, the following buttons will be greyed out: Save Changes, Discard Changes, Remove, Reset Password. The Remove button will still be enabled for the LDAP operators.

In the Operators form, the Details tab will be modified. The Access Restriction group and the Explicit Permissions columns will be hidden. Additionally, the Effective Permissions column will be renamed in Permissions.



In the Assigned Roles tab of the Operators form, the Assign Role and Remove Role buttons will be greyed out.



In the Sites tab of the Operators form, the following buttons will be greyed out: Assign Site, Remove Site, Owner, Writer, Reader. Additionally the Explicit Permissions columns will be hidden and the Effective Permissions column will be renamed in Permissions.

In the Operators form, the Computer Assignments tab will be hidden.

In the WebUI Apps tab of the Operators form, the buttons Allow and None will be greyed out. Additionally the Explicit Permissions columns will be hidden and the Effective Permissions column will be renamed in Permissions.

In the Operators tab of the Roles form, the Assign User and Remove User buttons will be greyed out.

In the Operator Permissions tab of the WebUI App form, the Allow and None buttons will be greyed out. Additionally the Explicit Permissions columns will be hidden and the Effective Permissions column will be renamed in Permissions.