I have never done it myself, but I know some within my organization do. There should be an IBM article on it somewhere.
http://www-01.ibm.com/support/docview.wss?uid=swg21595439
https://darrylmiles.wordpress.com/2012/06/05/deploying-your-ibm-endpoint-manager-agents/
http://www-01.ibm.com/support/docview.wss?uid=swg21506226
Very old post: BigFix client deplpy with AD GPOs?