Filtered Index

Filtered by: ZENworks Configuration Management

kmillecam's picture
article
Reads:

6045

Score:
3
3
1
 
Comments:

2


Heads Up: ZENworks 10 Configuration Management Now Shipping, adding Endpoint Security to the ZENworks Arsenal

Freshly updated with new Q&A. ZENworks 10 Configuration Management, the latest addition to Novell's systems management portfolio, is now shipping in three editions that allow you to choose the functionality that best meets your security and management needs. Come learn more about it.

Submitted by: kmillecam on Tue. 08.14.2007
Filed Under: ZENworks Cool Solutions, Cool Solutions
Topic: Configuration
Product: ZENworks, ZENworks Configuration Management

Rydberg's picture
article
Reads:

5740

Score:
2.25
2.3
8
 
Comments:

0


Partner Blog: Mikael Rydberg - ZENworks Configuration Management 10 Partner Training

Mikael reports on the First Class training he recently attended about ZENworks Configuration Management 10.

aphilp's picture
blog
Reads:

7259

Score:
1
1
1
 
Comments:

0


ZCM and Certificates

When you install ZENworks Configuration Management, one of the first choices you are asked to make is whether to use an internal or external Certificate Authority.

 

The managed agent uses .NET code to communicate via TLS with the ZCM server. Installation of the managed agent automatically updates the client's local machine trusted root authority certificate store with the the CA (Certificate Authority) of the server.

The main sticky points I see with DNS are making sure that the URL used to connect to the Primary Server is the same DNS name as the server itself. So long as the CA has signed the cert of the primary server (performed during the Primary Server install) and the DNS name used to connect matches the servers cert exactly, all’s well with the world.

If you want to connect using different IP/DNS names, such as in a NAT environment, they are ways around those problems. Firstly, you can populate “Additional DNS names” and “Non-detectable IP addresses” to tell the primary server about other connection methods. Secondly, you can tell the client to ignore name matching with a reg key. Is that what you went with?

© 2013 Novell