Install BigFix MDM Service for Windows
Learn how to install BigFix MDM Service for Windows to provide MDM service on Windows through WebUI.
Before you begin
- You must be a Master Operator to perform this task through WebUI.
- You must have the wnscredentials.json file ready to upload. For the work flow to create this file, see Generating WNS credentials.
- You must have a Trusted CA TLS certificate.
- You must have the BigFix Agent running on the MDM Server target.
- You must have the BigFix Plugin Portal installed and running on the MDM Plugin target
About this task
To install BigFix MDM Service for Windows:
- From the WebUI main page, select .
- On the Modern Client Management page, click Admin.
- On the Admin page, from the left navigation, under MDM
Servers, select Install.
- Select Target Device for server. Click Select and select an appropriate target on which you want to install the MDM server.
- Select Target Device for Plugin. Click Select and
select an appropriate target on which you want to install the MDM
server.Note:
- You need MDM Plugin to set up a connection between the MDM Servers and the BigFix Plugin Portal. MDM Plugin communicate with the MDM Server through REST APIs and the AMQP protocol using client certificates.
- Ensure that the server host is running the Plugin Portal and that the BigFix agent is running locally. For details about installing the BigFix Client, see Installing the BigFix components.
- From MCM v3.4 onwards, the plugin can be installed from the same screen as the MDM server, making the process simpler and more convenient.
- Server Install Type: For Select OS, select Windows to manage Windows devices.
- Pre-requisite System Check: Click Run Prerequisite
Scanto scan the MDM target device and verify that all
prerequisites are installed or configured. Review the scan results and
ensure success before proceeding with the install parameters.Note: If the scan detects any issues, refer to Prerequisite & Connectivity Scan for more information to resolve the issues.
- Install Parameters:
- Organization Name: Enter a string. While enrolling a device, the organization name entered here is displayed to the end users.
- User Facing Hostname: For over the air
enrolls, this is the hostname of the server where users can visit to
enroll in MDM. The value must be a valid FQDN that is accessible
from the Internet. For example,
mdmserver.deploy.bigfix.com.Note: https:// should not be included here.
- TLS Credentials: Upload the MDM Server TLS certificate and
key files.
- TLS Key Password: Enter a string to set the password to encrypt the TLS key.
- TLS Certificate: Click Upload File and browse through the location to select the TLS .crt or .pem file.
- TLS Key: Click Upload File and browse through the location to select the unencrypted TLS .key file that was previously saved. Refer to BigFix MDM Server TLS Certificate Content.
- WNS Credentials: This field appears when you select
Windows as the operating system. Click Upload File and browse through the
file location to select the wnscredentials.json
file.Tip: For more information on how to generate wnscredentials.json file, see Generating WNS credentials.
- Click Install.
Results: This action completes these activities:
- Downloads a set of Podman images from software.bigfix.com which is needed for the MDM installation.
- Installs the services and certificates including the Plugin certificates and the TLS certificate on which the server runs.
- Applies all required configurations.
- After successful installation, you can find the MDM plugin files at this
location:
- Windows — C:\Program File (x86)\BigFix Enterprise\BES Plugin Portal\Plugins
- Linux
- Binaries — /opt/BESPluginPortal/Plugins
- Data files — /var/opt/BESPluginPortal