Deploying BigFix Agents
By deploying the BigFix Agent to devices, BigFix administrators can use all the capabilities of BigFix on those devices.
- Master operators can deploy a BigFix Agent on an MDM device
- Users other than master operators who have the Can use WebUI, Can Create Actions, and Custom Content permissions can deploy a BigFix Agent on MDM devices.
To deploy the BigFix Agent, follow these steps:
- Select at least one device that is managed only by an MDM agent. (Users can also
get a list of devices that don’t have the BigFix Agent installed by using the Note: The devices that are managed by only MDM are indicated by the MDM symbol
next to it.
filter. - Click Deploy.
- From the list, select Deploy BigFix Agent.
- To add or remove devices, on the Deploy BigFix Agent page,
click Edit Devices.
- Configure Relay authentication options.
- Mac Relay Authentication Options: This section is
displayed if Mac endpoints are selected.
- Configure Relay: Enter an IP address or a DNS name.
- Password: Enter the password.
- Include BigFix full disk policy: Select this check box to grant full-disk access privileges to BigFix.
- Windows Relay Authentication Options: This
section is displayed if Windows endpoints are selected.
- Select MSI to deploy: From this list, select the msi file that you have pre-staged on the MDM server.
- Mac Relay Authentication Options: This section is
displayed if Mac endpoints are selected.
- To deploy the BigFix Agent, click Deploy.Note:
- After the action is complete, both MDM and the BigFix Agent can manage the device.
- The IP address and password that are entered as part of configuring a relay are used only by macOS MDM endpoints. Windows MDM devices must have a prestaged MSI with a relay authorization that is already configured as part of the MSI.
- Deploying the BigFix Agent works only if the installers for BigFix Agents are pre-staged on the MDM server. The BigFix WebUI requires at least one .pkg file for macOS and one .msi file for Windows™ devices. If installation packages are not on the MDM server, users receive a warning that says BigFix Agent actions will fail." The WebUI checks for .msi and .pkg files in the /var/opt/BESUEM/packages folder by default to see whether BigFix Agent packages are pre-staged correctly.