Hi,
I’m looking for a way to manage Workgroup computers with my BigFix. They’re currently in the DMZ, and joining them to a domain is not feasible.
With different domains I just set up a LDAP Directory, but I’m not sure how it’s supposed to work outside a domain.
Thanks,
Ely
BigFix is able to manage endpoints regardless of whether or not they are part of a domain.
Is the question how to group the machines for the purpose of assigning management rights to operators, or targeting actions, or similar?
Or is the question how to deploy the BigFix agent to these machines?
If I want to deploy updates/install new software on my managed computers, it has been my understanding that I’m managing them with the LDAP Directories I configured in BigFix for the domains where these computers are.
Is it much simpler? Ie it’s enough for me to install the agent on a workgroup computer along with the correct masthead?
The LDAP directories that you can configure within the BigFix Console are primarily used for BigFix Console operator authentication, and are not associated with the endpoints themselves.
If you want to be able to deploy updates or new software, as you suggest, it is simply a matter of installing the BigFix agent on the workgroup computer (with the correct masthead), ensure connectivity through the Relay architecture to the Root Server, and assign sites/management rights as usual.
On the endpoint itself, by default, the BigFix agent will use Local SYSTEM or root credentials to perform its work including installations (and though not applicable in this case, installations can also be configured to run as a logged in user, or domain user as well)
Thanks! It seems I outsmarted myself.