To achieve authentication at Satellite Servers, a token based authentication is introduced from ZENworks 2020 Update 2 onwards. By default, the Satellite Servers will not be able to perform the basic authentication. However, the security setting on Satellite Server can be configured by performing the following steps:
In ZCC, click Devices.
Click Servers, and then click the required Satellite Server.
Click Settings > Device Management > System Variables.
In System Variables, add the variables as shown in below tables.
Click Apply.
After upgrading all agents that are communicating with Satellite Servers to ZENworks 2020 Update 2 or above, enable the enhanced security feature and add the following system variables at zone, folder or device levels:
Name |
Value |
---|---|
authfilter.requireAuth |
true |
security.authfilter.allowLegacyDevice |
false |
Modifying the value of the “security.authfilter.allowLegacyDevice” parameter as false ensures that the requests without authentication header or requests with basic header is not authenticated.
However, if you have older agents in your zone, then the following configuration enables these agents to communicate with the Satellite Servers. The requests from agent with version ZENworks 2020 Update 2 or above sends bearer token as authorized header and will be allowed only if the token is valid.
Name |
Value |
---|---|
authfilter.requireAuth |
true |
security.authfilter.allowLegacyDevice |
true |
Modifying the value of the “security.authfilter.allowLegacyDevice” parameter as true ensures that the requests without authentication header or requests with basic header is also authenticated.