Installing BigFix MDM Server for Android endpoints
Learn how to install BigFix MDM server for Android endpoints.
About this task
In this section, you can find instructions on how to install BigFix MCM Server
for Android endpoints using the BESUEM Fixlet Install BigFix Android MDM
Server
.
Before you begin: These prerequisites must be met to install the BigFix MDM Server for Android
endpoints:
- You must have the required certificates and keys. See, MDM SSL Certificates.
- You must have BigFix Agent running on the MDM Server target.
- If you are using non-GSuite (non-Google Workspace) account, you must know the administrator credentials of Managed Google Play Account Enterprise. To learn how to get the Google credentials, see Enroll to Managed Google Play Accounts enterprise
In
the BESUEM Fixlet
Install BigFix Android MDM Server
(Version 2.1.0), provide this information:- Enter the organization name. While enrolling a device, the organization name is displayed to the users along with the rest of the profile information.
- Enter user facing hostname. This is the hostname of the server that the enrolling devices should be pointing to. The value must be the hostname from a valid URL. For example, enter mdmserver.deploy.bigfix.com.
- Enter LDAP parameters. This is used for
authorization to enroll users for MDM over the air. This limits enrollment
to your MDM server to authorized users only. Omitting all LDAP parameters
disables the need for LDAP authentication to enroll for MDM.
- LDAP URL: Valid format is ldap://<server>:<port>. For more information on LDAP URL formats, see https://ldap.com/ldap-urls/
- LDAP Base DN: Valid format "ou=Users,dc=example,dc=org"
- LDAP Bind User: The root point to bind to the server. For example, CN=domain join, OU=Users, OU=demo,DC=demo,DC=bigfix, DC=com DC=mydomain, DC=mycompany, DC=com. "user@example.org"
- LDAP Bind Password: The password entered here is encrypted and
stored in the
MDM_PARAM_4.enc
file in the/var/opt/BESUEM/certs
directory.Note: LDAP Authentication is turned on by default.
- Upload the files containing the details of the MDM Server
TLS certificate and key contents.
- TLS key password: Enter a string to set TLS key password.
- In the MDM Server TLS Certificate section, click Upload
File and browse through the location to select the
TLS
.crt
file to be used. - In the MDM Server TLS Key section, click Upload
File and browse through the location to select the
TLS
.key
file to be used.
- Upload the files containing the MDM Server authentication
certificate and key contents.
- In the MDM Server Certificate Authority section, click Upload File and browse through the location to select the ca.cert.pem file.
- In the MDM Server Certificate content section, click Upload File and browse through the location to select the server.cert.pem file.
- In the MDM Server Key section, click Upload File and browse through the location to select the server.key file.
- Android Server Admin Credentials: This field appears when you select Android
as the operating system. If you are using non-G-Suite account, enter a
username and password to login into Admin Configuration page (Example:
https://MDM_ENROLLMENT_SERVER/config) to proceed with Enterprise
Registration and create Google credentials.
- Android Server Admin Username: Enter the user name
- Android Server Admin Password: Enter the
passwordTip: To learn how to generate googlecredentials.json file, see Enroll to Managed Google Play Accounts enterprise.
- Deploy the task to targeted systems.