Novell ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - NETWORK DISCOVERY DATABASE STRUCTURE System Administration Manual Download Page 275 | Manualshive

Page: 275 / 374

background image

User Authentication

275

n

ov

do

cx (e

n)

16
Ap
ril 20

10

Extending the eDirectory Schema to enable Shared Secret Authentication

To authenticate in to ZENworks by using Shared Secret authentication mechanism, the schema of
the eDirectory specified when the user source is added must have been extended using novell-
zenworks-configure tool.

Perform the following steps to extend the eDirectory schema:

1

Run the

novell-zenworks-configure

utility on a ZENworks Server:

On Windows:

At the command prompt, change to

ZENworks_installation_path\bin

and

enter the following command:

novell-zenworks-configure.bat -c ExtendSchemaForSmartCard

On Linux:

At the console prompt, change to

/opt/novell/zenworks/bin

and enter the

following command:

./novell-zenworks-configure -c ExtendSchemaForSmartCard

2

You are prompted to continue with the action of extending the Novell eDirectory schema and
adding an optional zcmSharedSecret attribute to the user class. By default, 1 is selected. Press
Enter.

3

Enter the DNS name or IP address of the Novell eDirectory server to extend the schema.

4

You are prompted to select Secure Socket Layer (SSL) or Clear Text communication for
communicating with the eDirectory server. Enter 1 for SSL communication or 2 for Clear Text
Communication, then press

Enter

again.

5

Enter the port for communicating with the eDirectory server.
The default port for SSL communication is 636 and for Clear Text communication is 389.

6

Enter the fully distinguished name (FDN) of the Administrative User.
For example, cn=admin,o=organization

7

Enter the password for the Administrative User specified in

Step 6

.

8

(Optional) Enter the fully distinguished name for the ZENworks user source admin for whom
the ACL would be applied.
The ZENworks user source admin is configured as a user in the ZENworks user source
configuration for reading users from the user source and need not be the Administrative User
specified in

Step 6

. If you specify the fully distinguished name of this user, the program sets

ACLs at the specified containers to provide read access to zcmSharedSecret attribute for this
user.

9

Enter the user containers for which you want to extend the schema.
Multiple containers can be given separated by + sign. For example, o=sales or o=sales +
o=marketing.

10

Press

Enter

to generate random secret for all the users within the above containers.

11

(Conditional) If you have chosen SSL communication for communicating with the eDirectory
server, the server presents a certificate. Enter

y

to accept the certificate.

«
...
273
274
275
276
277
...
»

Summary of Contents for ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - NETWORK DISCOVERY DATABASE STRUCTURE

Page 1: ...l com novdocx en 16 April 2010 AUTHORIZED DOCUMENTATION ZENworks 10 Configuration Management System Administration Reference ZENworks 10 Configuration Management SP3 10 3 April 16 2010 System Administ...

Page 2: ...nd the trade laws of other countries You agree to comply with all export control regulations and to obtain any required licenses or classification to export re export or import deliverables You agree...

Page 3: ...Trademarks For Novell trademarks see the Novell Trademark and Service Mark list http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the prope...

Page 4: ...4 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 5: ...ors 29 2 1 4 Changing Administrator Passwords 29 2 2 Managing Administrator Rights 30 2 2 1 Assigning Super Administrator Rights 30 2 2 2 Assigning Additional Rights 30 2 2 3 Modifying Assigned Rights...

Page 6: ...Creating a Folder for Credentials 66 5 3 Assigning Credential Rights 67 5 4 Editing a Credential 68 5 5 Renaming a Credential 68 5 6 Moving a Credential to Another Folder 68 5 7 Removing a Credential...

Page 7: ...10 Refreshing a Satellite 92 7 11 Troubleshooting Satellites 92 8 Server Hierarchy 95 8 1 Primary Servers Peer Versus Parent Child Relationships 95 8 2 Satellite Role Relationships 95 8 2 1 Authentica...

Page 8: ...gs after Deployment 145 14 1 Configuring Agent Settings on the Management Zone Level 145 14 2 Configuring Agent Settings on the Device Folder Level 147 14 3 Configuring Agent Settings on the Device Le...

Page 9: ...nstalling the PRU 194 21 4 Canceling or Deleting a System Update 195 22 Deploying Updates 197 22 1 Understanding Deploying Updates 197 22 2 Deploying Updates 199 22 3 Starting a Pending Stage 206 22 4...

Page 10: ...ory on a Windows Server 237 28 2 Changing the Location of the Content Repository on a Linux Server 239 28 2 1 Mounting a Share 239 28 2 2 Unmounting a Share 240 28 2 3 Creating a Permanent Mount 240 2...

Page 11: ...o Define Additional LDAP Servers for a ZENworks Server 269 31 6 2 Using the zman Command Line Utility to Define Additional LDAP Servers for a ZENworks Server 270 32 User Authentication 271 32 1 User S...

Page 12: ...3 35 1 Backing Up the External Sybase Database 313 35 1 1 Backing Up the External Sybase Database on a Windows or Linux Server 313 35 1 2 Backing up the External Sybase Database Running on a Windows S...

Page 13: ...ing Messages 349 39 1 Understanding Message Formats 349 39 1 1 Local Log File Format 349 39 1 2 E Mail Format 350 39 1 3 SNMP Message Format 350 39 1 4 UDP Payload Format 351 39 2 Viewing the Message...

Page 14: ...l 2010 C Customizing the Look and Feel of the ZENworks Icon 369 C 1 Replacing the Default ZENworks Icons with the New Customized Icons 369 C 2 Replacing the Customized Icons with the Default ZENworks...

Page 15: ...63 Appendix C Customizing the Look and Feel of the ZENworks Icon on page 369 Appendix D Documentation Updates on page 371 Audience This guide is intended for ZENworks administrators Feedback We want t...

Page 16: ...ovell trademark An asterisk denotes a third party trademark When a single pathname can be written with a backslash for some platforms or a forward slash for other platforms the pathname is presented w...

Page 17: ...about using ZENworks Control Center ZCC to configure system settings and perform management tasks in your Management Zone Chapter 1 ZENworks Control Center on page 19 Chapter 2 Administrators on page...

Page 18: ...18 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 19: ...e Config xml File to Modify ZENworks Control Center Settings on page 23 Section 1 7 Bookmarking ZENworks Control Center Locations on page 24 Section 1 8 Troubleshooting ZENworks Control Center on page...

Page 20: ...onfiguration Management includes a Novell plug in module npm that you can use to access ZENworks Control Center from Novell iManager which is a management console used by many Novell products The ZENw...

Page 21: ...bjects The Frequently Used list in the left pane displays the 10 objects that you have accessed most often from most used to least used Clicking an object takes you directly to the details page for th...

Page 22: ...amodel zdm xml 2 Add the following lines to the file entry key allowedLoginAttempts 5 entry entry key lockedOutTime 300 entry The 5 in this example represents the number of retries before disabling lo...

Page 23: ...le Therefore changes made in this file are not lost when the config xml file is overwritten during software updates or upgrades The custom config xml file is located in the same directory as the confi...

Page 24: ...This setting is not functional at this time To manually suppress the page open the ZENworks Control Center display the Getting Started page then select Do not show me this again noQuickTaskAutoRefres...

Page 25: ...URL as a new bookmark in your Web browser 1 8 Troubleshooting ZENworks Control Center An HTTP request is not redirected to HTTPS if IIS is running on the Primary Server on page 25 An HTTP request is...

Page 26: ...26 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 27: ...r Rights on page 30 If you need any further help contact Novell Support http www novell com support In some cases you might have multiple administrator accounts that require the same administrative ri...

Page 28: ...dialog box The Add New Administrator dialog box lets you create a new administrator account by providing a name and password or you can create a new administrator based on an existing user in the user...

Page 29: ...strator account For more information see Administrator Commands in the ZENworks 10 Configuration Management Command Line Utilities Reference 2 1 2 Deleting Administrators 1 In ZENworks Control Center...

Page 30: ...ng Assigned Rights on page 31 2 2 1 Assigning Super Administrator Rights A Super Administrator has all rights to perform all actions in ZENworks Control Center For more information about all of the ri...

Page 31: ...es Or you could create an administrator account that allows access to all management tasks except those pertaining to Management Zone configuration user sources registration configuration settings and...

Page 32: ...17 User Rights on page 40 Section 2 3 18 ZENworks User Group Rights on page 41 Section 2 3 19 Zone Rights on page 41 2 3 1 Administrator Rights The Administrator Rights dialog box lets you allow the s...

Page 33: ...folders Modify Settings Allow or deny the administrator the rights necessary to modify settings Assign Bundles Allow or deny the administrator the rights necessary to assign bundles to the devices or...

Page 34: ...or delete credentials Modify Folders Allow or deny the administrator the rights necessary to modify folders Create Delete Folders Allow or deny the administrator the rights necessary to create or dele...

Page 35: ...ry to modify the list of devices contained in device groups Modify Folder Allow or deny the administrator the rights necessary to modify folders Create Delete Folders Allow or deny the administrator t...

Page 36: ...modify the rights associated with those folders Contexts on page 36 Privileges on page 36 Contexts To select the folder that contains the inventoried devices for which you want to assign rights click...

Page 37: ...icense components associated with the contexts folders you selected in the Contexts section Modify Allow or deny the administrator the rights necessary to modify the licenses Create Delete Allow or de...

Page 38: ...the policies for which you want to assign rights click Add to display the Contexts dialog box then browse for and select the folders for which you want to assign rights Privileges The Privileges sect...

Page 39: ...xts section The following rights are available Shutdown Reboot Wake Up Devices Specify whether the administrator can shut down reboot or wake up the devices in the folders you selected in the list Exe...

Page 40: ...xecute Allow or deny the administrator the rights necessary to remotely execute processes on devices Remote Diagnostics Allow or deny the administrator the rights necessary to perform remote diagnosti...

Page 41: ...rks group membership If you select this option you must also grant rights to Modify ZENworks Group Membership under User Rights Assign Policies Allow or deny the administrator the rights necessary to...

Page 42: ...elete ZENworks Server Refresh Device Configure Registration Allow or deny the administrator the rights necessary to configure device registration Registration lets you manage the various configuration...

Page 43: ...oles Panel on page 43 Role Settings Page on page 44 Administrator Settings Page on page 45 Roles Panel The Roles panel displays the following information Figure 2 1 Roles Panel Name You specified this...

Page 44: ...nformation Figure 2 2 Role Settings Page General panel Displays the ZENworks Control Center object type Role its GUID and a description that you can edit here Rights panel Displays the ZENworks Contro...

Page 45: ...or the role Rights panel Lists the rights that are assigned to the administrator independent of rights granted or denied by any roles assigned to the administrator The rights listed in this panel over...

Page 46: ...e novdocx en 16 April 2010 2 Specify a name and description for the role 3 To configure the rights for the role click Add and select a rights type from the drop down list 4 In the following dialog box...

Page 47: ...ators see Section 2 4 3 Assigning Roles on page 47 2 4 3 Assigning Roles You can assign roles to administrators or administrators to roles Assigning Roles to Administrators on page 47 Assigning Admini...

Page 48: ...48 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010 2 In the Assigned Roles panel click Add to display the Select Role dialog box...

Page 49: ...Select Context dialog box click Add and browse for a ZENworks Control Center context While browsing you can select multiple contexts in the Browse dialog box 4c When you are finished selecting the co...

Page 50: ...50 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010 2 In the Assigned Administrators panel click Add to display the Select Administrator dialog box...

Page 51: ...click a role type Role types that are designated with the Zone context are not clickable because they are generally available 4b In the subsequent Select Context dialog box click Add and browse for a...

Page 52: ...vilege select whether it should be allowed denied or left unset The most restrictive right set in ZENworks prevails If you select the Deny option the right is denied for any administrator assigned to...

Page 53: ...ails If you select the Deny option the right is denied for any administrator assigned to that role even if the administrator is granted that right elsewhere in ZENworks If you select the Allow option...

Page 54: ...select the check box for the role to be renamed 2 Click Edit Rename to open the Rename Role dialog box 3 Specify the new role name then click OK 2 4 6 Deleting a Role When you delete a role its rights...

Page 55: ...or downloading the news Section 3 1 Managing ZENworks News Alerts on page 55 Section 3 2 Configuring ZENworks News Settings on page 56 3 1 Managing ZENworks News Alerts Figure 3 1 ZENworks News Alerts...

Page 56: ...to display all the news alerts based on the selected category 3 1 4 Viewing the News 1 In ZENworks Control Center click Home 2 In ZENworks News Alerts panel click the news alert to display the news in...

Page 57: ...Dedicated News Server 1 In ZENworks Control Center click Configuration in the left pane 2 On the Configuration tab expand the Management Zone Settings section if necessary click Infrastructure Managem...

Page 58: ...Schedule Type field select No Schedule click Apply to save the schedule change then skip to Step 6 With this option selected you must download the news updates manually For more information see Updat...

Page 59: ...aved state such as when you last clicked Apply or OK 5e When you have finished configuring the recurring schedule click Apply to save the schedule change 6 To exit this page click OK when you are fini...

Page 60: ...60 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 61: ...on that file During the creation process you can specify the full path to the file for example C Program Files OpenOffice org 2 0 program setup ini Instead of specifying the entire path and filename y...

Page 62: ...to contain the devices in the accounting department You can set the value for the ProgramFiles variable to D program files on the Accounting Department device folder level When the same bundle is appl...

Page 63: ...he check box next to the variable or variables 5 Click Remove 6 Click Apply 4 4 Editing System Variables 1 In ZENworks Control Center click the Configuration tab 2 In the Management Zone Settings list...

Page 64: ...64 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 65: ...can use ZENworks Control Center or the zman command line utility to manage credentials The procedures in this section explain how to manage credentials by using ZENworks Control Center If you prefer t...

Page 66: ...Vault panel click New Credential to display the Add Credential dialog box 3 Fill in the fields If you need help click the Help button 5 2 Creating a Folder for Credentials 1 In ZENworks Control Cente...

Page 67: ...lder field click to browse for and select the folder where you want the new folder created 5 Type a description for the new folder if desired 6 Click OK to create the folder 5 3 Assigning Credential R...

Page 68: ...a Credential 1 In ZENworks Control Center click the Configuration tab 2 In the Credential Vault panel select the check box next to the credential 3 Click Edit Rename 4 Type the new name for the creden...

Page 69: ...about configuring the ZENworks Servers and Satellite devices Chapter 6 ZENworks Server on page 71 Chapter 7 Satellites on page 79 Chapter 8 Server Hierarchy on page 95 Chapter 9 Closest Server Rules...

Page 70: ...70 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 71: ...s Server Reports on page 77 6 1 ZENworks Services on a Windows Server When it is running on a Windows server a ZENworks Server includes the services listed in the following table All services are alwa...

Page 72: ...restart the services ensure that your server hardware meets the ZENworks minimum requirements If the server does not have adequate RAM ZENworks services might not continue running For more information...

Page 73: ...FTP Service novell tftp Used by PXE enabled devices to request files that are needed to perform imaging tasks ZENworks Agent Service novell zmd Used to enable the server as a managed device ZENworks D...

Page 74: ...prompt opt novell zenworks bin novell zenworks configure c Start By default the Start option is selected 2 Press Enter The ZENworks services start when the ZENworks Server is booted and should not nor...

Page 75: ...ge 75 6 3 1 Addressing Non Detectable IP Address Conditions The Non Detectable IP Addresses panel lets you specify the addresses that can be used to access the ZENworks Server when the server s IP add...

Page 76: ...rs in your Management Zone To see ZENworks version information for a specific Primary Server in your Management Zone 1 In ZENworks Control Center click the Devices tab 2 Click Servers then click the d...

Page 77: ...lained in Deleting Devices from Your ZENworks System in the ZENworks 10 Configuration Management Discovery Deployment and Retirement Reference To remove a ZENworks Primary Server from your Management...

Page 78: ...78 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 79: ...or Windows 2000 You might for example create a Satellite in a location across a slow WAN link and create Closest Server rules to offload one or more roles from the Primary Server to the newly created...

Page 80: ...source to provide failover When a managed device uses a Satellite for authentication the Satellite issues a certificate to the managed device so that it can authenticate to the Management Zone using...

Page 81: ...s the same content delivery service as a Primary Server but requires only the Content role module that is installed with the ZENworks Adaptive Agent The module is inactive until you enable it on the m...

Page 82: ...n the Server Hierarchy panel select the check box next to the Satellite that you want to configure click Action then click Configure Satellite Server You can only configure one Satellite at a time or...

Page 83: ...ed devices Make sure that the specified port is not in use 6 Click OK to save your changes and exit the dialog box 7 Repeat the previous steps to configure other Satellites 7 2 1 Authentication Role T...

Page 84: ...nd policy and bundle statuses then rolls that information up to its parent Primary Server which in turn either writes to the database directly or passes the information to its parent Primary Server wh...

Page 85: ...he time period during which an update can start If you select Days of the Week or Month and set a random start and end time the update starts between these times and continues for the specified durati...

Page 86: ...Configure 2 Conditional Select the check box next to Enable PXE Services to automatically start the Proxy DHCP service on the device to which the Imaging Server role has been assigned To check whether...

Page 87: ...ts child Satellite Be aware that the cleanup action for content occurs every night at midnight If you do not set a schedule the Default schedule applies to the Imaging content 5d Click OK to save the...

Page 88: ...check box next to the Satellite from which you want to remove the role 3 Click Actions Configure Satellite Server 4 In the Configure Satellite Server dialog box deselect the check box next to the Sate...

Page 89: ...r content from their parent Primary Servers any content that you want hosted on a Satellite must also be hosted on its parent Primary Server You can specify the content that is included or excluded on...

Page 90: ...g content from the content repository see the zman satellite server export content ssec command under Satellite Commands in the ZENworks 10 Configuration Management Command Line Utilities Reference Af...

Page 91: ...content repo directory in that path If you need to save the content that is now in this directory rename the existing directory and create a new empty directory named content repo You can later copy...

Page 92: ...tions take place immediately 1 Select the check box next to the Satellite that you want to refresh 2 Click Action Refresh Device The QuickTask Status box is displayed while the action is in progress 3...

Page 93: ...llite Commands in the ZENworks 10 Configuration Management Command Line Utilities Reference The managed device is not promoted to the Imaging Satellite role even though the role has been assigned to i...

Page 94: ...urce ZENworks 10 Configuration Management Satellite Explanation If ZENworks database is running on Oracle and the Content Replication schedule for a satellite is set to No Schedule you would encounter...

Page 95: ...e direct write access to the database However you should try to maintain peer relationships between your Primary Servers unless your network connections do not allow it Being in a child relationship i...

Page 96: ...naged device to collect inventory information messages errors warning informational and so forth and policy and bundle statuses then rolls that information up to its parent Primary Server which in tur...

Page 97: ...laces the Primary Server back to the first level of the hierarchy or moves it to be a child of another Primary Server if it is nested more than one level deep If you move a Primary Server back to the...

Page 98: ...98 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 99: ...structions for setting up Closest Server rules Section 9 1 Understanding Closest Server Rules on page 99 Section 9 2 Configuring the Closest Server Default Rule on page 101 Section 9 3 Creating Closes...

Page 100: ...on 9 1 2 Mapping Devices to Servers A Closest Server rule maps devices with specific network addresses to the following lists Collection Server list Content Server list Configuration Server list Authe...

Page 101: ...lies apply the default rule to the device The Default rule is simply a listing of all content servers in the order you want devices to contact them 9 2 Configuring the Closest Server Default Rule The...

Page 102: ...lick the Configuration tab click Infrastructure Management in the Management Zone Settings panel then click Closest Server Default Rule 2 To configure the servers listed in the any section do any of t...

Page 103: ...o manage server groups in any of the server lists Collection Content Configuration and Authentication Task Steps Additional Details Reorder the list 1 In the desired server list select the check box f...

Page 104: ...group later using the Groups Add to Group option 2 Specify a name for the group then click OK to add the group to the list 3 Click Apply to make the change effective Add servers to a group 1 In the d...

Page 105: ...ver2 Copy a group from one list to another list 1 In the server list to which you want to copy a group click Groups Copy Existing Group For example to copy a group from the Collection Servers list to...

Page 106: ...ocx en 16 April 2010 Remove a group 1 In the server list select the check box for the group you want to remove 2 Click Groups Remove Group then click OK 3 Click Apply to make the change effective The...

Page 107: ...u can add servers to the empty definition later using the L4 Switch Add to L4 Switch Definition option 2 Specify the DNS name or the IP address of the L4 switch then click OK to add the L4 switch to t...

Page 108: ...s in the lists differently This allows you to spread the workload initiated by devices by placing different servers higher in one list than in the other lists For example Collection Servers Server1 Gr...

Page 109: ...open the device s details page then click Settings Infrastructure Management in the Settings panel Closest Server Rules 3 Conditional If you are creating Closest Server rules on a device or device fo...

Page 110: ...For example DNS Name Filter equal to novell com DNS Name Filter is the criteria option equal to is the operator and novell com is the value In the above example the Closest Server rule is applied onl...

Page 111: ...Collection Content Configuration or Authentication click Add 2 Browse for and select one or more ZENworks Servers or Satellites 3 Click OK to add the selected servers to the list By default ZENworks...

Page 112: ...server lists Collection Content Configuration and Authentication Reorder the list 1 In the desired server list select the check box for the server group or L4 switch you want to move 2 Click Move Up...

Page 113: ...roups Add to Group option 2 Specify a name for the group then click OK to add the group to the list 3 Click Apply to make the change effective Add servers to a group 1 In the desired server list selec...

Page 114: ...p1 L4Switch5 Server1 Server2 Copy a group from one list to another list 1 In the server list to which you want to copy a group click Groups Copy Existing Group For example to copy a group from the Col...

Page 115: ...ange effective The group s servers are not removed only the group Task Steps Additional Details Create an L4 switch definition 1 In the server list select the check boxes for the servers to include in...

Page 116: ...nge effective Reorder the list 1 In the desired server list select the check box for the server group or L4 switch you want to move 2 Click Move Up or Move Down as necessary to change its order in the...

Page 117: ...vices or device folders location export rules to file loctf Exports Closest Server rules data in XML format to a file The XML file can be used as input for creating or appending to the Closest Server...

Page 118: ...118 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 119: ...ry Server in the Management Zone If you have two or more Primary Servers and you ve replicated all content to both servers they serve as backup copies to each other The ZENworks database if it resides...

Page 120: ...1 Backing Up a ZENworks Server on page 119 If the ZENworks database resides on the ZENworks Server you have a backup of the database See Section 34 3 Backing Up the Embedded Sybase SQL Anywhere Databa...

Page 121: ...work content repo images directory on a Windows server or the var opt novell zenworks content repo images directory on a Linux server 8 Restart the ZENworks Server 10 3 Backing Up the Certificate Auth...

Page 122: ...the CaConfig xml file which is located in ZENworks_installation_directory conf security directory on Windows and in the etc opt novell zenworks security directory on Linux to ensure that the Keystore...

Page 123: ...irst Primary Server and the second Primary Server must have the same version of the ZENworks 10 Configuration Management installed NOTE This scenario has been tested on the following platform combinat...

Page 124: ...s Image field click The Server and Path Information dialog box is displayed 3f In the Server Object IP or DNS field click to browse for and select the second Primary Server 3g In the File Path on Serv...

Page 125: ...Click OK twice 7 Refresh all the devices Primary Serves Satellites and managed devices in the Management Zone so that they get the new closest server rules 8 Conditional Move the database to another...

Page 126: ...ining Data Moved from Another Oracle Database on page 328 9 Remove all Satellites under the first Primary Server from the Server Hierarchy For more information on how to remove the Satellites from the...

Page 127: ...e Embedded Sybase SQL Anywhere Database on page 295 To take a backup of an external database see the documentation for the database 4 Stop all the ZENworks services on the Primary Server For detailed...

Page 128: ...imary Server after Installing ZENworks 10 Configuration Management on page 132 Section 11 3 3 Changing the DNS Name or the IP Address and DNS Name of the Primary Server after Installing ZENworks 10 Co...

Page 129: ...n all the Primary Servers in the Management zone whose certificate you want to change 1 Reconfigure the certificates on the Primary Server whose IP address and DNS name you changed in Step 2 by enteri...

Page 130: ...the server s command prompt enter the following command novell zenworks configure c RebuildCustomPacks Z Replacing the Existing Certificate with the New External Certificate on the Satellites Perform...

Page 131: ...included in the Closest Server rule reconfigure the Closest Server rule to include the Satellite 1 In the default Closest Server rule ensure that device has been correctly placed in the Authenticatio...

Page 132: ...by default in the ZENworks_installation_directory work directory on Windows and in the var opt novell zenworks on Linux Ensure that the images directory located within the content repo directory has...

Page 133: ...e DNS and DHCP servers are configured on the same device 1 Before changing the IP address of the Primary Server take a reliable backup of the following on all the Primary Servers in the Management Zon...

Page 134: ...on page 135 3 Replacing the Existing Certificate with the New External Certificate on the Managed Devices on page 136 Replacing the Existing Certificate with the New External Certificate on the Primar...

Page 135: ...the ZENworks cache by running the zac cc command 9 Restart the ZENworks Adaptive Agent Service 10 Re create all the default and custom deployment packages Default Deployment Packages At the server s c...

Page 136: ...tion about zac view the zac man page man zac on the device or see zac 1 in the ZENworks 10 Configuration Management Command Line Utilities Reference 6c Add the Authentication role to the device For mo...

Page 137: ...works_installation_directory Novell ZENworks cache zmd s 3 Restart the ZENworks Adaptive Agent Service 4 Run the following command to register the device in the Management Zone zac reg https ZENworks_...

Page 138: ...138 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 139: ...y and device messages Each of these services is provided through the use of modules that plug in to the Adaptive Agent Using ZENworks Control Center you can configure which modules are active on devic...

Page 140: ...140 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 141: ...ns to view the Adaptive Agent software version on a workstation 3 Click the underlined link for the desired device 4 In the General section view the version in the ZENworks Agent Version row 5 Optiona...

Page 142: ...142 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 143: ...stalled 1 Depending on whether you want to search for all devices servers and workstations for servers or for workstations that have the specified version of the Adaptive Agent installed do one of the...

Page 144: ...144 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 145: ...ment Zone The setting applies to all devices in the Management Zone Device Folder The setting applies to all devices contained within the folder or its subfolders It overrides the Management Zone sett...

Page 146: ...ation Management System Administration Reference novdocx en 16 April 2010 3 Click ZENworks Agent 4 Fill in the fields For more information see Section 14 4 ZENworks Agent Settings on page 148 5 Click...

Page 147: ...gure settings 4 Click the Settings tab click Device Management then click ZENworks Agent 5 Fill in the fields For more information see Section 14 4 ZENworks Agent Settings on page 148 6 Click OK to ap...

Page 148: ...s on a device folder or a device click Override settings The following settings can be configured Allow Users to Uninstall Agent Enable this option if you want users to be able to uninstall the ZENwor...

Page 149: ...sed on July 1 at 10 00 a m Without the default Cache Orphaning Threshold setting 30 days the entry becomes an orphan if it is not accessed again before July 31 at 10 00 a m A higher Cache Orphaning Th...

Page 150: ...pted that the ZENworks 7 Desktop Management Agent will be uninstalled Ensure that you enable only the Asset Management feature if you want to use ZENworks 10 Asset Management and you want to continue...

Page 151: ...might require a reboot of the device when installing or uninstalling the module If a reboot is required during install the module does not function until the reboot occurs If a reboot is required dur...

Page 152: ...bundle or Directive bundle related zac commands If you disable the Bundle Management module when a bundle is being applied to the device the module is disabled after the bundle is applied and the dev...

Page 153: ...d but it is not uninstalled on the Windows Vista Windows 2008 Windows 7 and Windows 2008 R2 managed devices The icon properties page displays the status of Image Management as Disabled novell ziswin i...

Page 154: ...abled The patch bundles that are assigned to the device are not displayed in the NAL window or in the shortcut locations such as Desktop Start Menu Quick Launch or System Tray of the device You cannot...

Page 155: ...running a Dynamic Local User DLU policy the module is disabled after the device is rebooted The Policy Management service is uninstalled from the device The icon properties page does not display an e...

Page 156: ...is stopped and disabled on the device The icon properties page displays the Remote Management status as Disabled The Remote Management policy is unenforced from the device The device cannot be remote...

Page 157: ...vice The bundle settings apply only to the device for which they are configured The following sections contain more information Section 15 1 Configuring ZENworks Explorer Settings on the Management Zo...

Page 158: ...lorer Settings on the Device Folder Level 1 In ZENworks Control Center click the Devices tab 2 Click the Servers or Workstations folder 3 Click Details next to the folder for which you want to configu...

Page 159: ...tab 2 Click the Servers or Workstations folder 3 Click the device for which you want to configure settings 4 Click the Settings tab click the Content tab then click ZENworks Explorer Configuration 5...

Page 160: ...stalled after it is no longer assigned to a device or the device s user If you choose to uninstall the bundle select the number of days to wait before uninstalling the application Specify 0 if you wan...

Page 161: ...an IP based discovery is performed on the device To remove the ZENworks Pre Agent from a device after ZENworks has been uninstalled from the device perform the following steps 1 Delete the directory n...

Page 162: ...162 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 163: ...e Agent that resides on managed devices including whether a dialog box displays on managed devices prompting users to allow the system update or a required boot after a system update is applied and wh...

Page 164: ...164 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 165: ...ive Agent Explanation When you promote a device to Satellite through ZENworks Control Center the configured Satellite role is added to the device However when you double click the icon the Satellite m...

Page 166: ...to the new name for NWGina dll 3 Reboot the server Install Novell Client NOTE This needs to be done only once The ZENworks Adaptive Agent Policies page does not display the correct status for the DLU...

Page 167: ...ches 1 Open the Registry Editor 2 Go to HKLM Software Novell ZENworks 3 To enable batch refreshes create a DWORD called EnableBatchRefresh and set the value to 1 By default there are 5 sessions in a b...

Page 168: ...168 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 169: ...tic downloads of the updates Chapter 19 Introduction to ZENworks System Updates on page 171 Chapter 20 Configuring Updates on page 173 Chapter 21 Managing Update Downloads on page 191 Chapter 22 Deplo...

Page 170: ...170 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 171: ...u can apply the update for version 10 0 4 You can also download the latest Product Recognition Update PRU to update your knowledgebase so that Inventory can recognize newer software When you select to...

Page 172: ...172 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010 Chapter 24 Reviewing the Content of an Update on page 215 Chapter 25 Update Statuses on page 219...

Page 173: ...can check for software updates is to do so manually in the Available System Updates panel on the System Updates tab You can specify how often you want to check for updates When you do this informatio...

Page 174: ...checking for updates to your ZENworks software click the down arrow in the Schedule Type field then select Recurring 5 Fill in the fields 5a Select one or more check boxes for the days of the week 5b...

Page 175: ...trol Center click Configuration in the left pane then click the Configuration tab 2 Click Management Zone Settings to expand its options click Infrastructure Management to expand its options then sele...

Page 176: ...s immediately after the server comes back online Use Coordinated Universal Time Causes the schedule to interpret the times you specify as UTC instead of local time Start at a Random Time Between Start...

Page 177: ...ly With Notification Advance To Next Stage and Notify When Complete SMTP must be configured in order for the staging e mail configuration to work 3 Conditional If you do not have SMTP configured 3a To...

Page 178: ...ke the changes effective 6 Either click OK to close the page or continue with another configuration task If you did not click Apply to make your changes effective clicking OK does so Clicking Cancel a...

Page 179: ...one ZENworks Server to be dedicated to handling your update downloads The server that you select should have access to the Internet directly or through a proxy server The following sections contain m...

Page 180: ...time such as to a test group first then to your managed devices If a failure occurs during the update process the process is halted E mail notifications can let you know when each stage has completed...

Page 181: ...gs panel if necessary click Infrastructure Management then click System Update Settings to display the Reboot Behavior panel 3 Select one of the following options Prompt User to Reboot When Update Fin...

Page 182: ...with stages Set them up for different devices or groups such as for a test group specific devices or device groups or all managed devices in the zone Modify an existing stage s membership Change the...

Page 183: ...al Displays the order in which the stages run You can rearrange the staging order by using the Move Up and Move Down options For more information see Rearranging the Order in Which Stages Start on pag...

Page 184: ...lied a request to reboot is immediately displayed If the user initially rejects rebooting the user is periodically requested to reboot the device until the device is rebooted Do Not Reboot Device The...

Page 185: ...dating any of the other managed servers and especially before updating any managed workstations 4c Repeat Step 4b until you are finished adding members to the stage 4d To add members to another stage...

Page 186: ...2 4 Modifying Staging Behavior The default stage behavior is to automatically advance through the configured stages You can change this default behavior If you change the staging behavior for one stag...

Page 187: ...click the System Updates tab 2 In the Deployment Stages panel select the check box for one or more the deployment stages click Action then click Modify Reboot Behavior 3 Select one of the following op...

Page 188: ...before updating any managed workstations 2c Repeat Step 2b until you are finished adding members to the stage 2d To add members to another stage repeat Step 2a through Step 2c 3 Optional Remove devic...

Page 189: ...overed 20 2 9 Rearranging the Order in Which Stages Start All updates that use stages deploy to the devices that are members of the stages according to the currently listed staging order To rearrange...

Page 190: ...190 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 191: ...he following sections contain more information Section 21 1 Understanding Available Updates on page 191 Section 21 2 Downloading Updates on page 192 Section 21 3 Downloading and Installing the PRU on...

Page 192: ...rrent status of the update which is automatically updated every 15 seconds For more information on the individual statuses see Chapter 25 Update Statuses on page 219 Importance Displays the relative i...

Page 193: ...in the left pane then click the System Updates tab 2 In the Available System Updates panel click Action Check for Updates Any available updates are displayed with a status of Available 3 To re sort t...

Page 194: ...e or Product Recognition Update PRU files from the Novell Downloads page http download novell com copy the files onto a CD or other media and then use the CD to import the files to a ZENworks Primary...

Page 195: ...ted PRU then click Action Download Update 4 To install a downloaded PRU go to the Available System Updates panel then click Action Deploy PRU Now The PRU is now listed in the Deploying System Updates...

Page 196: ...resume after reconnecting Attempting to use the Cancel Download action results in the update hanging in the Cancel state Use the zman sudu force command to delete the update To delete an update 1 In...

Page 197: ...environment You can schedule the deployment Deploy the update to specific devices selected individually and by device groups without using deployment stages You can use this option to test the update...

Page 198: ...e following reboot options Prompt User to Reboot When Update Finishes Applying After the update has been applied a request to reboot is immediately displayed If the user initially rejects rebooting th...

Page 199: ...IED or BASELINE status the update deployment item is no longer displayed in this panel but is displayed in the Deployment History panel For more information see Section 22 8 Viewing Status by Device o...

Page 200: ...Updates The following illustrates available updates 5 Optional To view the content of an available update click the name of the update in the Update Name column to display the Release Details page Fo...

Page 201: ...7 Determine whether to deploy the downloaded update then select its check box You can deploy only one update at a time If you want to review the content of the update that you downloaded see Chapter 2...

Page 202: ...ge containing the first Primary Server before deploying the update to other stages containing the remaining Primary Servers and managed devices Deploy System Updates to Selected Devices in the Managem...

Page 203: ...ut user intervention if a reboot is required by the update Some updates do not require a device to be rebooted after they have been deployed to a device However if a reboot is required to complete the...

Page 204: ...year on the start date Process Immediately if Device Unable to Execute on Schedule Do not use this option for updates It does not apply to updates Start Immediately at Start Time Lets you deploy updat...

Page 205: ...a Linux device because these devices are not ZENworks managed devices and do not have the ZENworks icon The progress of downloading the update MSI files is displayed When it has finished the dialog bo...

Page 206: ...nfiguration in the left pane then click the System Updates tab 2 In the Deploying System Updates panel select the check boxes for an update 3 Click Action Start Pending Stage 22 4 Rescheduling a Deplo...

Page 207: ...s through stages for the other devices Therefore the status in the Available System Updates panel is changed to Ready if you cancel only the staged deployment Aborted if you cancel both the staged dep...

Page 208: ...All Devices Lists all devices that were configured to receive the selected update regardless of status Pending Devices Lists only the devices where the selected update is pending Successful Devices Li...

Page 209: ...ful or Failed column to display the appropriate Status by Device page For example if you click the link in the Pending column you see the status of devices on which the deployment is pending as in the...

Page 210: ...ates panel click an underlined link in the Update Name Stage Pending Successful or Failed column to display the appropriate Status by Device page For example if you click the link in the Pending colum...

Page 211: ...as a schedule of Now this option is not available 22 8 7 Refreshing Devices 1 In ZENworks Control Center click Configuration in the left pane then click the System Updates tab 2 In the Deploying Syste...

Page 212: ...212 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 213: ...in the left pane then click the System Updates tab 2 In the Available System Updates panel select the check boxes for one or more updates 3 Click Action Delete Update The update is deleted from the li...

Page 214: ...214 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 215: ...on Section 24 1 Viewing the Release Details Page on page 215 Section 24 2 Update Release Details on page 215 Section 24 3 Deployment History on page 216 24 1 Viewing the Release Details Page 1 In ZENw...

Page 216: ...s content to your ZENworks installation Some possible entries OPTIONAL Not required for normal operation of ZENworks MANDATORY A required update that must be applied Description Brief information abou...

Page 217: ...stage For more information on the individual statuses see Chapter 25 Update Statuses on page 219 Pending Displays the number of devices for which the update deployment process is pending A device can...

Page 218: ...he devices where deployment was successful 1 In the Deployment Stages panel click the number in the Successful column 2 On the Status by Device page review the information Displays devices that have h...

Page 219: ...ervers were rebuilt with the latest software In this version however the agent packages are rebuilt during the upgrade process of each individual Server Canceled Displays after you select Action Cance...

Page 220: ...placed by another update listed in the Available System Updates section You should see this status only if you are in the process of deploying this update and there are pending devices You can delete...

Page 221: ...an postpone the update five times NOTE Because this feature was added after localization for non English languages there is no translation available for the string required to indicate to the user tha...

Page 222: ...nder HKEY_LOCAL_MACHINE Software Novell ZCM SystemUpdate using 0 to indicate the number of postpones remaining Reboot Prompt Timeout When an update is assigned with the Prompt User for Reboot option t...

Page 223: ...April 2010 V Zone Administration This section contains information about Management Zone configuration settings that let you control a wide range of functionality for your Zone Chapter 27 Management...

Page 224: ...224 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 225: ...ection 27 5 Event and Messaging Settings on page 230 Section 27 6 Infrastructure Management Settings on page 230 Section 27 7 Inventory Settings on page 231 Section 27 8 Reporting Services Settings on...

Page 226: ...ging Settings on page 230 Infrastructure Management Settings on page 230 Inventory Settings on page 231 Reporting Services Settings on page 232 Asset Management Settings on page 232 Patch Management S...

Page 227: ...page 230 Infrastructure Management Settings on page 230 Inventory Settings on page 231 Reporting Services Settings on page 232 Asset Management Settings on page 232 Patch Management Services Settings...

Page 228: ...agement Settings on page 229 Discovery and Deployment Settings on page 230 Event and Messaging Settings on page 230 Infrastructure Management Settings on page 230 Inventory Settings on page 231 Report...

Page 229: ...n ZENworks Control Center can be renamed as they update their registration information For more information see Registration resources help settings_registration html ZENworks Explorer Configuration C...

Page 230: ...f discovery requests that can be running at one time and the technologies to use for the discovery You can also specify IP and SNMP settings used by the WMI Windows Management Instrumentation and SNMP...

Page 231: ...the server and the schedule for downloading the ZENworks News For more information see ZENworks News Settings resources help settings_zenworksnews html 27 7 Inventory Settings The Inventory section c...

Page 232: ...ENworks Control Center For more information see Folder Sync Schedule resources help cfg_report_foldersync html Reset the Passphrase of the ZENworks Reporting Server Allow the user to reset the Passphr...

Page 233: ...ore information see Subscription Service Information resources help b9f6zcf html Configure HTTP Proxy Configure an HTTP proxy for access to Internet patch subscription The HTTP proxy server allows ZEN...

Page 234: ...234 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 235: ...The set of rules that control a range of hardware and software configuration settings on managed devices Used in ZENworks Configuration Management Patches The files and instructions required to update...

Page 236: ...236 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 237: ...tent repository to a different location The following sections provide instructions Section 28 1 Changing the Location of the Content Repository on a Windows Server on page 237 Section 28 2 Changing t...

Page 238: ...If a driver letter is associated with the partition that you want to use as the new content repository location do the following 5a In the Computer Management dialog box right click the drive s parti...

Page 239: ...ENworks requires that the ZENworks user has complete ownership rights on the directory to which you have created the symbolic link Run the following command to make the ZENworks user the owner of this...

Page 240: ...vell zenworks content repo cifs credentials path_to_credentials_file 0 0 The credentials file listed in the command contains a username and password For more information see the mount cifs 8 man page...

Page 241: ...oot user does not already exist smbpasswd a root For security reasons you must specify a root password that is different from the login password 7 Optional To test if the newly created share is access...

Page 242: ...242 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 243: ...nd the setting is not configured directly on the bundle In other words the setting is not configured at the system level the folder level or the bundle level If the settings are configured at the syst...

Page 244: ...vice set the Schedule Type to No Schedule For more information on setting the schedule type see Section 7 2 3 Content Role on page 84 Primary Server Output Throttling in KB Sec Select the throttling r...

Page 245: ...nt Servers By default when a new content server ZENworks Server or Satellite devices is added to the zone all bundle and policy content is replicated to that content server You can however choose not...

Page 246: ...g the content into a Satellite device s content repository see the zac cdp import content cic command under Content Distribution Commands in the ZENworks 10 Configuration Management Command Line Utili...

Page 247: ...er without first excluding it from the Satellite devices If you have only one ZENworks Server in your Management Zone you can t exclude the content from it You can t include a Satellite devices withou...

Page 248: ...ts content from the server As you include or exclude content from the server be aware of the following replication rules If a ZENworks Server is the parent server for one or more Satellite devices you...

Page 249: ...you include or exclude content servers be aware of the following replication rules If a ZENworks Server is the parent server for one or more Satellite devices you can t exclude content from the ZENwo...

Page 250: ...250 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 251: ...mine which content server a managed device uses to download content The Closest Server rules let you map devices to content servers based on network addresses DNS names and IP addresses For more infor...

Page 252: ...each day If you want the blackout time period to extend for 24 hours select the same time as the start time 5 Click OK to save the blackout period 6 Repeat Step 4 to create additional blackout period...

Page 253: ...If you want a device refreshed only when its user manually initiates the refresh select Manual Refresh then click Apply Users can initiate a refresh by clicking the ZENworks icon located in the deskt...

Page 254: ...ays Hours and Minutes fields specify the amount of time between refreshes For example to set a refresh interval of 3 hours you would specify 0 Days 3 Hours 0 Minutes The default is 2 hours The Timed R...

Page 255: ...nformation about connecting your ZENworks Management Zone to an authoritative user source Microsoft Active Directory or Novell eDirectoryTM and managing how users log in to the ZENworks Management Zon...

Page 256: ...256 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 257: ...31 3 Managing User Source Connections on page 263 Section 31 4 Managing Primary Server Connections for User Sources on page 266 Section 31 5 Managing Authentication Server Connections for User Sources...

Page 258: ...s on page 258 Section 31 2 2 Deleting User Sources on page 262 Section 31 2 3 Editing User Sources on page 262 Section 31 2 4 Adding a Container from a User Source on page 263 31 2 1 Adding User Sourc...

Page 259: ...blishes the point in the directory where you can begin to browse for user containers Specifying a root context can enable you to browse less of the directory but it is optional If you don t specify a...

Page 260: ...ectory specified in the Connection Information page is extended using the novell zenworks configure tool If Shared Secret is not selected as an authentication mechanism a ZENworks login dialog box is...

Page 261: ...those users and groups you have two options You can add MyCompany EMEA as a user container so all containers located below EMEA are visible in ZENworks Control Center including the Servers and Servic...

Page 262: ...the desired mechanisms then click OK For more information see Section 32 2 Authentication Mechanisms on page 272 Use SSL By default this option is enabled Click No to disable the option if the LDAP se...

Page 263: ...Center The name cannot be the same as the name of any other user containers 4 Click OK to add the user container The container and its users and user groups is now available on the Users page 31 3 Man...

Page 264: ...Port This field defaults to the standard SSL port 636 or non SSL port 389 depending on whether the user source uses SSL If your LDAP server is listening on a different port select that port number Ad...

Page 265: ...ses SSL click the Update button to update the certificate if a new certificate exists 4 Click OK 31 3 3 Removing User Source Connections 1 In ZENworks Control Center click the Configuration tab 2 In t...

Page 266: ...ource Connections dialog box 1 Optional In the Connection Name field specify all or part of the name for the connection to the LDAP directory then click Filter to display the list of connections that...

Page 267: ...o an existing Satellite The following sections contain more information Section 31 5 1 Assigning a Connection to an Authentication Server on page 267 Section 31 5 2 Removing a Connection on page 268 S...

Page 268: ...enter click the Configuration tab 2 In the User Sources panel click the name of a user source to display its details 3 In the Authentication Servers panel select the check box next to the server s nam...

Page 269: ...ty to Define Additional LDAP Servers for a ZENworks Server on page 270 31 6 1 Using ZENworks Control Center to Define Additional LDAP Servers for a ZENworks Server 1 In ZENworks Control Center click t...

Page 270: ...Line Utility to Define Additional LDAP Servers for a ZENworks Server To define additional LDAP servers for a ZENworks Server run the user source add connection usac command on the server For more info...

Page 271: ...mple assume that a user has accounts in two eDirectory trees Tree1 and Tree2 Tree1 is defined as a user source in the Management Zone but Tree2 is not If the user logs in to Tree1 he or she is automat...

Page 272: ...ory on page 276 32 2 1 Kerberos Active Directory only Kerberos an authentication protocol developed at MIT requires entities for example a user and a network service that need to communicate over an i...

Page 273: ...a User Source You can enable Kerberos authentication while adding a user source For more information see Section 31 2 1 Adding User Sources on page 258 Enabling Kerberos Authentication on an Existing...

Page 274: ...user uses a smart card to log in to eDirectory the user is automatically logged in to ZENworks provided the schema of the eDirectory specified when the user source is added has been extended using no...

Page 275: ...cating with the eDirectory server Enter 1 for SSL communication or 2 for Clear Text Communication then press Enter again 5 Enter the port for communicating with the eDirectory server The default port...

Page 276: ...rmation see Section 31 2 1 Adding User Sources on page 258 Enabling Username Password Authentication on an Existing User Source You can enable Username Password authentication on an existing user sour...

Page 277: ...pdated in the CASA storage vault the next time the user logs in If you do run the CASA Manager you are prompted to install the GTK Library If you choose to install the library which is necessary to ru...

Page 278: ...een on page 278 Unable to log in to the ZENworks Server on page 279 Large number of concurrent client logins might result in login failures on page 279 How do I enable debug logs on Windows 2003 Windo...

Page 279: ...of concurrent client requests exceeds the value of Connector acceptCount the client connect requests might fail because the server is not able to accept these connections Action Increase the number of...

Page 280: ...reshAsync and set the value to TRUE 4 Log in to the device again IMPORTANT If you change the login process to execute the device refresh asynchronously the latest policies might not be immediately ava...

Page 281: ...user1 is logged in to the device instead of user2 because user1 appears first in the search performed by Novell CASA The settings assigned to user1 are applied on the device Action No two eDirectory u...

Page 282: ...282 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 283: ...nsing VIII 283 novdocx en 16 April 2010 VIII ZENworks 10 Product Licensing This section contains information about evaluating activating and deactivating ZENworks products Chapter 33 ZENworks 10 Produ...

Page 284: ...284 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 285: ...n 33 3 Activating a Product on page 286 Section 33 4 Deactivating a Product on page 286 Section 33 5 Possible License State Changes on page 287 Section 33 6 Using ZENworks 10 Asset Management with ZEN...

Page 286: ...se Key then click Apply 6 Click OK For more information on license state changes see Section 33 5 Possible License State Changes on page 287 33 3 Activating a Product 1 Log in to the ZENworks Control...

Page 287: ...oned from an evaluation state to deactivated state can be now moved to an active evaluation or extended evaluation state NOTE If you change the license state on a ZENworks Server it might take up to 3...

Page 288: ...ports You must have installed ZENworks Reporting Server to view the predefined reports For more information on how to install ZENworks Reporting Server see the ZENworks 10 Configuration Management Rep...

Page 289: ...ks Configuration Management and ZENworks Asset Management products installed on all the devices in your Management Zone You can view information such as the license status for the products the expirat...

Page 290: ...290 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 291: ...up the ZENworks database on a regular basis However you can back up the server and the database in any order When restoring the ZENworks Server and the database you must first restore the ZENworks Ser...

Page 292: ...292 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 293: ...that is bundled with ZENworks we recommend that you store the credentials of the database for future use 1 Retrieve the credentials of the embedded Sybase SQL Anywhere database by entering one of the...

Page 294: ...d in zenworks_database conf the new number you specified in Step 1 On a Linux server In the opt novell zenworks share boe bobje odbc ini file change the value of TCP IP to the port number specified in...

Page 295: ...immediately back up the embedded Sybase SQL Anywhere database or schedule the backup to run at a specific time To back up the embedded Sybase SQL Anywhere database immediately continue with Step 2 To...

Page 296: ...s server as per the schedule in the c backupschedule sql file enter the following command zman database backup c dbbackup c backUpSchedule sql d DAYNAME now For more information about this command vie...

Page 297: ...ated in Step 1a For example specify the user as Administrator and the password as novell 1f Click OK 2 Perform the following steps on the remote machine that has the network location where you want to...

Page 298: ...d custom_directory_name is a name that you specify for a directory to be newly created by zman and into which the database files are to be backed up For more information about the command view the zma...

Page 299: ...h the username created in Step 1a and set the password by using the passwd specify_the_password command 1c Create a directory to save the database backup For example create a directory with the name b...

Page 300: ...URS A sample schedule file to back up the database at 1 00 a m on the first second third and fourth days of the month is as follows CREATE EVENT ZENDBBackup1 SCHEDULE START TIME 1 00 AM ON 1 2 3 4 Sam...

Page 301: ...up the server and the database in any order For more information about backing up and restoring the ZENworks Server see Chapter 10 Backing Up and Restoring the ZENworks Server and Certificate Authorit...

Page 302: ...g in to the ZENworks server as root 2 Change to opt novell zenworks bin and enter the following command ZenworksLinuxDBRestore sh F root dbBackup zenworks_zone_name db 3 Enter Y when the following mes...

Page 303: ...ase database installed copy zenworks_database conf and all files within the database directory to the appropriate directories on the device that has the external Sybase database The zenworks_database...

Page 304: ...he Data from an Embedded Sybase SQL Anywhere to an External Oracle Database ZENworks 10 Configuration Management allows you migrate the data from an internal Embedded Sybase SQL Anywhere database or a...

Page 305: ...n utility uses only the USERS tablespace by default You cannot manually specify any other tablespace during the migration Make sure that the NLS_CHARACTERSET parameter is set to AL32UTF8 and the NLS_N...

Page 306: ...trol Panel 2 Double click Administrative Tools Services 3 The status of the Novell ZENworks Embedded Datastore service must be Started On Linux At the console prompt enter etc init d sybase asa status...

Page 307: ...r administrator s username and password 9 Enter the schema name when prompted for the database username 10 Enter the database schema password when prompted for the database user s password The databas...

Page 308: ...e migration The database migration starts 10 After the database is successfully migrated continue with Section 34 6 3 Post Migration Tasks on page 308 34 6 3 Post Migration Tasks If there is only one...

Page 309: ...s administrator account automatically created during installation uses an initial capital so in order to log in to ZENworks Control Center you must enter Administrator 34 6 4 Troubleshooting Database...

Page 310: ...orks_installation_path bin novell zenworks configure bat file on Windows or opt novell zenworks bin novell zenworks configure on Linux 2 Follow the prompts When you are prompted to enter the location...

Page 311: ...ubleshooting the Database Migration by Using An Existing User Schema If you choose to migrate the database by using an existing user schema the database migration utility creates the ZENworks database...

Page 312: ...ministrative Tools Services 3 Start the following services Novell ZENworks Server Novell ZENworks Services Monitor and Novell ZENworks Agent Service On Linux At the console prompt enter the following...

Page 313: ...ENworks 10 Configuration Management installation media you can back it up to a directory on the local machine or to a network location Section 35 1 1 Backing Up the External Sybase Database on a Windo...

Page 314: ...ectory execute the following query BACKUP DATABASE DIRECTORY root dbBackup TRANSACTION LOG TRUNCATE You must manually archive the complete path of the database backup location that you specify in the...

Page 315: ...NSACTION LOG TRUNCATE END To back up the database to the var day_of_the_week directory on Linux execute the following query CREATE EVENT ZENDBbackup SCHEDULE START TIME 1 00 AM EVERY 24 HOURS HANDLER...

Page 316: ...rd of the administrative user you created in Step 1a For example specify the user as Administrator and the password as novell 1f Click OK 2 Perform the following steps on the remote machine that has t...

Page 317: ...a specific time every day or on specific days of a month 1 Execute the following query by specifying it in the SQL Statements section CREATE EVENT backup_schedule_name SCHEDULE START TIME specify_the_...

Page 318: ...server execute the following query CREATE EVENT ZENDBbackup SCHEDULE START TIME 1 00 AM EVERY 24 HOURS HANDLER BEGIN DECLARE backupDir varchar 256 DECLARE backup_stmt varchar 512 SET backupDir DAYNAME...

Page 319: ...the password by using the passwd specify_the_password command 1c Create a directory to save the database backup For example create a directory with the name backup 1d Open the Samba server settings by...

Page 320: ...p_directory_on_database_server TRANSACTION LOG TRUNCATE For example execute the following query to back up the database to the root zenworks_dbbackup directory BACKUP DATABASE DIRECTORY root zenworks_...

Page 321: ...ANDLER BEGIN BACKUP DATABASE DIRECTORY root zenworks_dbbackup TRANSACTION LOG TRUNCATE END To back up the database to the root zenworks_dbbackup day_of_the_week directory on Linux execute the followin...

Page 322: ...you want to restore the backed up database If you choose to restore the backed up database on a different device you must stop the service on that device as well as on the database server On Windows D...

Page 323: ...ou restore the database to a location other than the one given in the zenworks_database conf file you must manually edit the file to specify the new location of the database The zenworks_database conf...

Page 324: ...ocated in ZENworks_installation_path by default on Windows and in the var opt novell zenworks directory on Linux 3 On the EDB2 device open zenworks_database conf and make sure that it contains the cor...

Page 325: ...the following Make sure that ZENworks 10 Configuration Management is installed with an external OEM Sybase database on a Windows or Linux device Install the Embedded OEM Sybase database on the ZENwork...

Page 326: ...the ZENworks Server that has the embedded Sybase database The database directory is located in ZENworks_installation_path on Windows and in the opt novell zenworks directory on Linux 4 On the ZENwork...

Page 327: ...new MS SQL database The following sections provide detailed information Section 35 5 1 Preparing to Move the Data on page 327 Section 35 5 2 Configuring the ZENworks Server to Point to the New MS SQL...

Page 328: ...t the following services Novell ZENworks Server Novell ZENworks Services Monitor and Novell ZENworks Agent Service On Linux At the console prompt enter the following commands etc init d novell zenmntr...

Page 329: ...in ZENworks_installation_path conf datamodel on Windows and in etc opt novell zenworks datamodel on Linux to do the following Make sure that the value of the Port entry key is the port number on whic...

Page 330: ...330 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 331: ...vices make sure that the status of Novell ZENworks Embedded Datastore is Started On Linux At the console prompt enter etc init d sybase asa status to verify the status of the database If the database...

Page 332: ...ybase bin32s directory on Linux 7a2 Enter the dbisql command 7a3 In the Identification tab specify the database credentials 7a4 Click the Database tab then specify the name of database service that is...

Page 333: ...as been successfully completed take a reliable backup of the newly built database If you encounter any issues during the rebuild process contact Novell Support http www novell com support 13 Stop the...

Page 334: ...atabase subsequent to its initial backup 1 Delete the existing database backup schedule by executing the following command at the Primary Server command prompt zman db current_database_backup_location...

Page 335: ...ckup complete_path_of_the_database_backup_directory complete_path_of_the_modified_database_backup_schedule_file d SQL_function_call For example to back up the database to the c dbbackup directory on a...

Page 336: ...want to back up the database to a directory on Windows you must use double backslash as the delimiter while specifying the database backup directory path For example assume that you have database back...

Page 337: ...t second and third day on the month to a new location e zendb dbbackup change the database backup schedule and location in the zendbbackup event by executing the following query in the DBISQL utility...

Page 338: ...338 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 339: ...section includes information about Message Logger features and procedures to help you configure and maintain your Novell ZENworks system Chapter 37 Overview on page 341 Chapter 38 Configuring Message...

Page 340: ...340 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 341: ...or local machines from the Primary Server Sends messages as UDP packets to UDP destinations Writes messages to the ZENworks database Automatically purges database entries from the ZENworks database Au...

Page 342: ...em Administration Reference novdocx en 16 April 2010 37 3 Message Format Messages are logged in different formats depending on the output targets For more information on message formats see Section 39...

Page 343: ...Logging In ZENworks Control Center the Local Device Logging page lets you configure the message logging to a local drive and the system log file of the managed device 1 In ZENworks Control Center cli...

Page 344: ...o Local System Log if Severity Is Choose from one of the following Error Stores messages with severity of Error Warning and Above Stores messages with a severity of Warning and Error Information and A...

Page 345: ...he warning messages dated until today are acknowledged By default all the warning messages older than 60 days are automatically acknowledged Auto delete when older than days Allows you to automaticall...

Page 346: ...eld see Section 39 1 2 E Mail Format on page 350 5 In the SNMP Traps panel configure the SNMP traps on the ZENworks Server to send log messages Send as SNMP Trap if Severity Is Sends an SNMP trap if t...

Page 347: ...Logger settings configured at the zone level are applied to all the managed devices However you can modify the Local Device Logging settings for the managed device 1 In ZENworks Control Center click D...

Page 348: ...348 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 349: ...logged in different formats depending on the output targets such as local log e mail notification SNMP traps and UDP notification All error messages log the component name on which the error is genera...

Page 350: ...at 4 1 07 5 31 01 PM then specify s occurred on device a at t in the Subject field Message Body The message body consists of the following fields Device Alias Name of the device where the message is g...

Page 351: ...sageLogger INFO the specific trap is 3 Time Stamp The time stamp indicating when the trap occurred Variable Bindings Provides additional information pertaining to the trap This field consists of the f...

Page 352: ...ge 353 39 2 1 Message Summary The Message Summary panel displays the number of critical warning and normal messages generated on the main objects in the Management Zone Figure 39 1 Message Summary In...

Page 353: ...ction that fails so the ZENworks Adaptive Agent cannot complete the action on the device This column indicates the number of unacknowledged warning messages generated for the device A warning is any a...

Page 354: ...ou can acknowledge or delete messages from the message log For more information on acknowledging messages see Section 39 4 Acknowledging Messages on page 355 and for information on deleting messages s...

Page 355: ...ledging a Message on page 355 Section 39 4 2 Acknowledging Multiple Messages on page 355 Section 39 4 3 Acknowledging Messages Logged During a Specified Time on page 356 39 4 1 Acknowledging a Message...

Page 356: ...click Message Cleanup to display 3 In the Message Cleanup dialog box select Acknowledge 4 In the Date Range option select the Beginning Date and the Ending Date 5 Select the Filter option None Cleans...

Page 357: ...Deleting Messages Logged During a Specified Time on page 358 39 5 1 Deleting a Message 1 In the Message Log panel or the System Message Log panel click the message you want to delete 2 In the Message...

Page 358: ...ete the message A system message is logged after the cleanup action is completed For more information on viewing the system log see Section 39 3 2 System Message Log on page 354 39 6 Viewing the Prede...

Page 359: ...rks Messages Displays message details such as the log time and description for all the ZENworks System messages For more information on creating and managing reports see the ZENworks 10 Configuration...

Page 360: ...360 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 361: ...database uppercase and lowercase letters might not create uniqueness for the same name The embedded database included with ZENworks 10 Configuration Management is case insensitive so Folder 1 and FOL...

Page 362: ...362 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 363: ...use to select a date for the event You can add multiple dates one at a time Run Event Every Year Select this option to run the event every year on the dates shown in the Start Date s list Select When...

Page 364: ...re B 2 Event Schedule Select from the following triggers User Login A user logs in to the device s operating system User Logout A user logs out of the device s operating system Device Boot The device...

Page 365: ...work the device must be manually refreshed or refreshed according to schedule before the Adaptive Agent can upload or launch the bundle even if the device connects to the network B 3 Now Select this s...

Page 366: ...between Start Time and End Time Starts the event at a randomly selected time between the time you specify in the Start Time and End Time fields You can use this option to avoid possible network overl...

Page 367: ...example both 7 days 8 hours and 1 week 8 hours provide the same schedule Start Date Specifies the initial start date for the interval Start Time Specifies the initial start time for the interval Proc...

Page 368: ...368 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Page 369: ...ed Icons One or more custom animated icons named refresh_xx ico where xx is a double digit numeric value that can range from 00 to 99 These icons are displayed when the managed device is refreshed You...

Page 370: ...the same name as the deleted file the icon associated with the renamed file is incorrectly displayed as the icon of the deleted file in the ZENWORKS_HOME bin icons ZIcon directory However the renamed...

Page 371: ...16 2010 Updates were made to the following sections D 2 March 30 2010 SP3 10 3 Updates were made to the following sections Location Update Section 6 2 2 Starting the ZENworks Services on page 74 Upda...

Page 372: ...o an NSS Volume on page 240 Added the section Chapter 29 Content Replication on page 243 Added information about the Force Inheritance feature Section 29 1 Configuring Content Replication at the Manag...

Page 373: ...ctions for User Sources on page 267 Added entire section Section 32 2 Authentication Mechanisms on page 272 Added entire section Section 33 6 Using ZENworks 10 Asset Management with ZENworks 7 Desktop...

Page 374: ...374 ZENworks 10 Configuration Management System Administration Reference novdocx en 16 April 2010...

Reviews:

No comments

Related manuals for ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - NETWORK DISCOVERY DATABASE STRUCTURE

MAGICTWINXP-R10

Brand: JETWAY Pages: 43

ANTI-VIRUS 5.5 - FOR NOVELL NETWARE

Brand: KAPERSKY Pages: 134

Brand: Primera Pages: 19

Brand: Sony Pages: 1

Walkman D-NE319

Brand: Sony Pages: 2

Brand: Sony Pages: 2

VAIO VGN-TXN17P/T

Brand: Sony Pages: 2

VAIO VGN-TXN19P

Brand: Sony Pages: 2

VAIO VGN-TXN17P/B

Brand: Sony Pages: 2

VAIO VGN-TXN15P/W

Brand: Sony Pages: 2

VAIO VGN-TXN15P/T

Brand: Sony Pages: 2

VAIO VGN-TXN15P/B

Brand: Sony Pages: 2

VAIO VGN-TXN15P - VAIO - Core Solo 1.2 GHz

Brand: Sony Pages: 24

Network Camera Recorder V 1.0

Brand: Sony Pages: 37

Brand: Sony Pages: 115

Brand: Sony Pages: 202

Brand: Sony Pages: 382

BD DISCRECORDER 2.7

Brand: Ulead Pages: 19

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands