Filtered Index

Filtered by: ZENworks Configuration Management

Pages « First‹ Previous
coolguys's picture
article
Reads:

5802

Score:
1.636365
1.6
11
 
Comments:

0


Novell & Microsoft: What Do You Think?

Learn more about the landmark announcement from Novell and Microsoft.

Read More

Submitted by: coolguys on Wed. 11.01.2006
Filed Under: Cool Solutions
Topic: Identity & Security Management, Secure Access, Secure Identity, Workgroup
Product: Access Manager, Audit, BorderManager, ConsoleOne, DirXML, eDirectory, eGuide, exteNd, File System Factory, GroupWise, iChain, Identity Manager, Identity Manager 3.5, Identity-Driven Computing, iFolder, iManager, iPrint, Linux, NetMail, NetWare, NMAS, Novell Client, NWAdmin, Open Enterprise Server, Open Workgroup Suite, openSUSE, Secure Identity Management, SecureLogin, Security Manager, Sentinel, Small Business Suite, SUSE Linux, SUSE Linux 10.0, SUSE Linux Desktop, SUSE Linux Enterprise, SUSE Linux Enterprise 10, SUSE Linux Enterprise Desktop, SUSE Linux Enterprise Server, SUSE Linux Openexchange Server, Virtual Office, Workgroup, ZENworks, ZENworks Asset Management, ZENworks Configuration Management, ZENworks for Desktops, ZENworks for Servers, ZENworks Linux Management, ZENworks Orchestrator

aphilp's picture
blog
Reads:

7140

Score:
1
1
1
 
Comments:

0


ZCM and Certificates

When you install ZENworks Configuration Management, one of the first choices you are asked to make is whether to use an internal or external Certificate Authority.

 

The managed agent uses .NET code to communicate via TLS with the ZCM server. Installation of the managed agent automatically updates the client's local machine trusted root authority certificate store with the the CA (Certificate Authority) of the server.

The main sticky points I see with DNS are making sure that the URL used to connect to the Primary Server is the same DNS name as the server itself. So long as the CA has signed the cert of the primary server (performed during the Primary Server install) and the DNS name used to connect matches the servers cert exactly, all’s well with the world.

If you want to connect using different IP/DNS names, such as in a NAT environment, they are ways around those problems. Firstly, you can populate “Additional DNS names” and “Non-detectable IP addresses” to tell the primary server about other connection methods. Secondly, you can tell the client to ignore name matching with a reg key. Is that what you went with?

Read More

Submitted by: aphilp on Tue. 11.30.1999
Filed Under: ZENworks Cool Solutions, Cool Solutions, Cool Blogs: Official Novell Bloggers
Topic: Certificates
Product: ZENworks Configuration Management

Pages « First‹ Previous
Pages « First‹ Previous

© 2013 Novell