Novell Home

Avoiding the Refused Connection Message in ZENworks Server Management

Novell Cool Solutions: Tip
By Emile Steenkamp

Digg This - Slashdot This

Posted: 31 Aug 2005
 

"Resolving Certificate problems in this way on a subscriber should be fine. Also note TID 10097372 which covers this information as well."
--Shaun Pond, ZENworks Product Specialist

I have ZENworks for Servers 6.5 running on a NetWare 6.5 server. I wanted to be able to use ZfS TED to distribute files to all my Windows 2000 Pro workstations.

I installed ZfS 6.5 TED on a Windows 2000 Pro workstation by using this command:

<CD>:\ZENworks6.5\ServerManagement\ZfS\TedPol\setup.exe
<CD>:\ZENworks6.5\ServerManagement\ZfS\TedPol\sfiles\installlib\installwizard.properties -ws

Do not let it create an object in the tree. You have to create an external subscriber object in the tree manually.

This installation, by the way, is not supported by Novell. The path was supplied to me by a friend.

I created an external subscriber object in ConsoleOne and pointed it to the IP of that MS Windows 2000 Pro workstation.

I kept on getting the "refused connection" message in the ZENworks Server Management console on the server.

I could not resolve the certificate in ConsoleOne (right-clicking on the object and clicking on resolve certificate option); it asked me for a file location every time.

Solution

So I copied it over manually. Delete the certificate files on the external subscriber machine and copy the server certificate on manually, like this:

  1. First stop the ZfSService that is running on the PC. >NET STOP ZFSSERVICE< in DOS
  2. Then browse to: c:\ZENWORKS\PDS\TED\SECURITY\CSR
  3. Delete the "<Machinename>.csr" file that's in there.
    Don't worry, this file gets created automatically again when the service is started up.
  4. Browse to c:\ZENWORKS\PDS\TED\SECURITY\PRIVATE
  5. and delete the ".keystore" file.
  6. In ConsoleOne, right-click on the external subscriber object you have created, resolve the certificate and save it on your local PC.
    (Right-click on the external subscriber object, click on Resolve Certificate and click on Save.)
  7. From there copy the <servername>.cer file to:
    c:\ZENWORKS\PDS\TED\SECURITY on the Windows 2000 Pro workstation.
  8. Then start ZfSservice again. >NET START ZFSSERVICE< in DOS

It will now recreate the two files you deleted and the server will be able to resolve the certificate by itself and send the file through. No more errors, only "was sent successfully."

Example

#Here is a small batch run to make it easier:
#COPY THE <SERVERNAME>.CER FILE TO c:
NET STOP ZFSSERVICE
C:
CD\ZENWORKS\PDS\TED\SECURITY\CSR
DEL *.CSR
CD..
CD PRIVATE
DEL *.KEYSTORE
CD\
COPY *.CER C:\ZENWORKS\PDS\TED\SECURITY
NET START ZFSSERVICE

If you have any questions you may contact Emile at esteenkamp@truworths.co.za


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell