Integration with Active Directory

You can enable Active Directory users to access the BigFix Web Reports server.

Note: This configuration is not supported on the BigFix Web Reports server running on Linux and it is maintained only for backward compatibility reasons.

To integrate Active Directory with the Web Reports server running on Windows, perform the following steps:

  1. Enable SSL support in Web Reports, to protect user Active Directory credentials.
  2. If the permissions on Active Directory are set so that only some users are able to read the Active Directory data or if the Web Reports server does not belong to the Active Directory domain, you must configure your Web Reports Server service to run as a domain user with permissions to query Active Directory. This user does not need to be a domain administrator or have any permissions to make changes to Active Directory.
    Note: Automatic Fixlet upgrades are enabled only if Web Reports service runs with the local system account.
  3. Log in to Web Reports as a Web Reports administrator.
  4. Navigate to Administration > User Management.
  5. Click the Active directory permissions link.
    Note: To display this link and start configuring Active Directory authentication over LDAP for Web Reports, you must enable LDAP user authentication from the BigFix console.
  6. Enter your Active Directory user name and password. The format of user name must be DOMAIN\username or username@DOMAIN as follows:

  7. Select the domain name:

  8. Select the User container to list the available users in Active Directory for which to grant access:

  9. Select domain groups or users, click Assign roles, and choose the roles or permissions that you want to assign to them:

    In this way you grant access to Web Reports according to the role definition.