3.3 Preinstallation Tasks

Perform the following applicable tasks, then continue with Section 4.1, Performing the Installation:

3.3.1 Verifying That the Minimum Requirements Have Been Met

Before you begin the ZENworks installation, ensure that the following requirements are met:

  • Ensure that the device where you want to install the Primary Server software fulfills the necessary requirements. For more information, see Section 1.0, System Requirements.

  • (Conditional) If you plan to install the Primary Server software on 64-bit Windows Server 2003 or 64-bit Windows Server 2008, ensure that the device has Windows Installer 4.5 or later installed.

3.3.2 Creating an Installation DVD from the ISO Download

If you obtained the ZENworks software as an ISO image download, do one of the following to create the installation DVD:

Using Windows to Create a ZENworks Installation DVD from an ISO Image

  1. Download the ZENworks 11 installation ISO image from the Novell Web site and copy it to a temporary location on your Windows device.

  2. Burn the ISO image to a DVD.

Using Linux to Create a ZENworks Installation DVD from an ISO Image

Optionally, you can simply run the installation program from the ISO mount point, instead of burning the DVD:

  1. Download the ZENworks 11 installation ISO image from the Novell Web site and copy it to a temporary location on your Linux device.

  2. Do one of the following:

    • Mount the ISO image by using the following command:

      mount -o loop /tempfolderpath/isoimagename.iso mountpoint
      

      Replace tempfolderpath with the path to the temporary folder, replace isoimagename with the ZENworks ISO filename, and replace mountpoint with the path to the file system location where you want to mount the image. The path specified by mountpoint must already exist.

      For example:

      mount -o loop /zcm11/ZCM11.iso /zcm11/install
      
    • Burn the ISO image to a DVD.

3.3.3 Creating an External Certificate

If you plan to use external certificates, install openssl and create individual server certificate with subject as the server’s Fully Qualified Domain Name (FQDN) for all the devices on which you plan to install ZENworks Primary Server or to use it as Satellites with the authentication role configured.

Do the following to create an individual certificate file:

  1. To generate a private key that is needed to create a certificate signing request (CSR), enter the following command:

    openssl genrsa -out zcm.pem 2048
    
  2. To create a CSR that can be signed by the external CA, enter the following command:

    openssl req -new -key zcm.pem -out zcm.csr
    

    When you are asked for “YOUR name,” enter the full DNS name assigned to the server where you are installing ZENworks 11 .

  3. To convert the private key from PEM format to DER format, enter the following command:

    openssl pkcs8 -topk8 -nocrypt -in zcm.pem -inform PEM -out zcmkey.der -outform DER
    

    The private key must be in the PKCS8 DER format, and the signed certificate must be in the X.509 DER format. You can use the OpenSSL command line tool to convert your keys to the proper format. This tool can be obtained as part of the Cygwin toolkit, or as part of your Linux distribution.

  4. Use the CSR and generate a certificate by using Novell ConsoleOne, Novell iManager or a true external CA such as Verisign.

Generating a Certificate by Using Novell ConsoleOne

  1. Ensure that eDirectory is configured as the CA.

  2. Issue the certificate for the Primary Server.

    1. Launch Novell ConsoleOne.

    2. Log in to the eDirectory tree as an administrator with the appropriate rights. For more information about the appropriate rights, see the Entry Rights Needed to Perform Tasks section in the Certificate Server documentation at the Novell Documentation Web site.

    3. From the Tools menu, click Issue Certificate.

    4. Browse for and select the zcm.csr file.

    5. Click Next.

    6. Complete the wizard by accepting the default values.

    7. Specify the certificate basic constraints, then click Next.

    8. Specify the validity period, the effective and expiration dates then click Next.

    9. Click Finish.

    10. Choose to save the certificate in the DER-format, and specify a name for the certificate.

  3. Export the Organizational CA's self-signed certificate.

    1. Log in to eDirectory from ConsoleOne.

    2. In the Security container, right-click the CA, then click Properties.

    3. In the Certificates tab, select the self-signed certificate.

    4. Click Export.

    5. When prompted to export the private key, click No.

    6. Export the certificate in DER format and choose the location in which you want to save the certificate.

    7. Click Finish.

You should now have the three files that you need to install ZENworks using an external CA.

Generating a Certificate by Using Novell iManager

  1. Ensure that eDirectory is configured as the CA.

  2. Issue the certificate for the Primary Server.

    1. Launch Novell iManager.

    2. Log in to the eDirectory tree as an administrator with the appropriate rights. For more information about the appropriate rights, see the Entry Rights Needed to Perform Tasks section in the Novell Certificate Server 2.7 documentation.

    3. From the Roles and Tasks menu, click Novell Certificate Server > Issue Certificate.

    4. Click Browse to browse for and select the CSR file, zcm.csr.

    5. Click Next.

    6. Accept the default values for the key type, the key usage, and the extended key usage, then click Next.

    7. Accept the default certificate basic constraints, then click Next.

    8. Specify the validity period, the effective and expiration dates then click Next. Depending upon your needs, change the default validity period (10 years).

    9. Review the parameters sheet. If it is correct, click Finish. If it is incorrect, click Back until you reach the point where you need to make changes.

      When you click Finish, a dialog box is displayed explains that a certificate has been created. This exports the certificate into the binary DER-format.

    10. Download and save the issued certificate

  3. Export the Organizational CA's self-signed certificate.

    1. Log in to eDirectory from iManager.

    2. From the Roles and Tasks menu, click Novell Certificate Server > Configure Certificate Authority.

      This displays the property pages for the Organizational CA, which include a General page, a CRL Configuration page, a Certificates page, and other eDirectory-related pages.

    3. Click Certificates, then select Self Signed Certificate.

    4. Click Export.

      This starts Certificate Export wizard.

    5. Deselect the Export the Private Key option, and choose the export format as DER.

    6. Click Next, then save the exported certificate.

    7. Click Close.

You should now have the three files that you need to install ZENworks using an external CA.

3.3.4 Installing an External ZENworks Database

If you want to install and use the embedded Sybase database for ZENworks 11 Configuration Management, see Section 4.1, Performing the Installation.

If you want to set up an external database, you have the following options:

  • Set up the database during the Primary Server installation: This is the quickest and easiest method. For detailed information about this method, see Section 4.1, Performing the Installation.

  • Set up the database externally before installing the Primary Server: This option is especially useful if your database administrator is not the same as your ZENworks administrator. Detailed information about this method is provided in this section.

During the ZENworks installation you have the following options to install or create external ZENworks databases:

  • Install to a new remote OEM Sybase database

  • Install to an existing Sybase SQL Anywhere external database

  • Install to an existing Microsoft SQL Server external database

  • Create a new Microsoft SQL Server external database

  • Install to an existing Oracle user schema

  • Create a new Oracle user schema

Some of these options require you to complete certain tasks for creating or setting up external databases before ZENworks can write to them during installation. Complete the prerequisites, then continue with the database installation.

Prerequisites for Installing External Databases

Review the applicable sections:

Prerequisites for Remote OEM Sybase

Before installing ZENworks 11 to create the Management Zone, you must install the remote OEM Sybase database on your remote database server so that it can be properly configured during installation of the Primary Server that hosts the database.

NOTE:For this database, Novell Support provides problem determination, provision of compatibility information, installation assistance, usage support, ongoing maintenance, and basic troubleshooting. For additional support, including extended troubleshooting and error resolution, see the Sybase Support Web site.

Prerequisites for Remote Sybase SQL Anywhere

Before installing and configuring the Sybase SQL Anywhere database for ZENworks 11 , make sure the following prerequisites are met:

  • Install and set up the Sybase SQL Anywhere database so that it can be updated when you install ZENworks 11 on the Primary Server.

  • Ensure that the database user has read/write permissions to create and modify the tables on the database server.

NOTE:For this database, Novell Support provides problem determination, provision of compatibility information, installation assistance, usage support, ongoing maintenance, and basic troubleshooting. For additional support, including extended troubleshooting and error resolution, see the Sybase Support Web site.

Prerequisites for Microsoft SQL Server

Before installing and configuring the Microsoft SQL Server database for ZENworks 11, ensure that the Microsoft SQL Server software is installed on the database server so that the ZENworks installation program can create the new Microsoft SQL database. For instructions on installing the Microsoft SQL Server software, refer to the Microsoft documentation.

Prerequisites for Oracle

During the installation of the ZENworks database on Oracle, you can choose to create a new user schema or specify an existing one that resides on a server in your network.

  • Create a new user schema: If you choose to create a new user schema, ensure that the following requirements are met:

    • You must be aware of the database administrator credentials.

    • A tablespace must already exist for associating to the Oracle access user.

    • The tablespace must have sufficient space to create and store the ZENworks database schema.The tablespace requires a minimum of 100 MB to create the ZENworks database schema without any data in it.

  • Use an existing user schema: You can install to an existing Oracle user schema that resides on a server in your network in the following scenarios:

    • The database administrator creates a user schema with the necessary rights and you receive the credentials for that user schema from the database administrator. In this case, the database administrator credentials are not required to install to an existing Oracle user schema.

    • You create a user schema in the Oracle database and choose to use it during ZENworks 11 installation.

    If you choose to use an existing user schema, ensure that the following requirements are met:

    • Ensure that the tablespace has sufficient space to create and store the ZENworks database schema.The tablespace requires a minimum of 100 MB to create ZENworks database schema without any data in it.

    • Ensure that the quota for the user schema is set to Unlimited on the tablespace that you plan to configure during the installation.

    • Ensure that the user schema has the following rights to create the database.

      • CREATE SESSION
      • CREATE_TABLE
      • CREATE_VIEW
      • CREATE_PROCEDURE
      • CREATE_SEQUENCE
      • CREATE_TRIGGER

    IMPORTANT:For Oracle databases, performance can be affected by whether you configure your database to use shared server or dedicated server processes. Each ZENworks Primary Server is configured with a database connection pool whose size fluctuates with the ZENworks system load. This pool can grow at peak loads to a maximum of 100 concurrent database connections per Primary Server. If your Oracle database is configured to use dedicated server processes, it is possible that your database server resource usage can reach undesirable levels that affect performance when there are multiple Primary Servers in your zone. If you encounter this problem, consider changing your ZENworks database to use shared server processes.

Performing the External ZENworks Database Installation

  1. Make sure that the server where you plan to install the external database fulfills the requirements in Section 1.4, Database Requirements and Prerequisites for Installing External Databases.

  2. Start the database installation program.

    1. On the server where you want to install the external database, insert the Novell ZENworks 11 installation DVD.

      If the DVD autoruns the database installation program, exit the program.

      If the server is Windows, continue with Step 2.b. If the server is Linux, skip to Step 2.c.

    2. For Windows, enter the following at the command prompt on the external database server:

      DVD_drive:\setup.exe -c

      or

      If ZENworks 11 has already been installed on a device, and if you want to use the device to configure another instance of the ZENworks database (on the same device or on another device) by using the external database installation program, run the following command:

      DVD_drive:\setup.exe -c --zcminstall

    3. For Linux, run the following command on the external database server:

      sh /media/cdrom/setup.sh -c

      This provides additional options that you do not have when installing the Primary Server, especially if you want to make your OEM database a remote database. You can view the SQL files generating the ZENworks database, create access users, view creation commands (OEM Sybase only), and so on.

      or

      If ZENworks 11 has already been installed on a device, and if you want to use the device to configure another instance of the ZENworks database (on the same device or on another device) by using the external database installation program, run the following command:

      mounted_DVD_drive/setup.sh -c --zcminstall

      Using the sh command resolves rights issues.

      Only the GUI installation is available for installing a database.

  3. On the Select ZENworks Database page, select one of the following:

    • OEM Sybase SQL Anywhere: Installs the default Sybase database for ZENworks. It is configured as a service, the database user is created, and the required tables for the Primary Server are established.

      If you select this option, you must use the -o (or --sybase-oem) parameter with the setup.exe installation executable in order to successfully install to the database when you install the Primary Server software. This parameter allows ZENworks to authenticate the database prior to performing any operations on it.

      You should use the -o parameter only when you are using the Sybase installation that is provided on the Novell ZENworks 11 installation DVD.

      You must also select the Remote Sybase SQL Anywhere option during installation of the Primary Server.

    • Sybase SQL Anywhere: Sets up an existing Sybase database for writing ZENworks information to it.

    • Microsoft SQL Server: Creates a ZENworks database on a Microsoft SQL Server.

    • Oracle: Specifies a user schema that you can use to set up an external Oracle database schema for use with ZENworks.

    IMPORTANT:For external databases, the server hosting the database must have time synchronization with each of the Primary Servers in the Management Zone, when the databases are installed.

  4. Click Next.

  5. During installation, refer to the following information for details on the installation data that you need to know (you can also click the Help button for similar information):

  6. Continue with Section 4.1, Performing the Installation.

OEM Sybase SQL Anywhere Database Installation Information

The information you need is listed in the order of the installation flow.

Table 3-1 OEM Sybase SQL Anywhere Information

Installation Information

Explanation

Sybase Database Installation

Specify the path to where you want the OEM copy of the Sybase SQL Anywhere database software installed. On the target Windows server, only the drives that are currently mapped on the server are available.

The default path is drive:\novell\zenworks, which you can change. The installation program creates the \novell\zenworks directory for the installation of Sybase.

Sybase Server Configuration

Specify the port used by the Sybase SQL Anywhere database server. By default, it is 2638. Change the default port number if you have a conflict.

Sybase Access Configuration

Defaults are provided for some of the information, which you can change as necessary.

  • Database Name: Specify a name for the database to be created.

  • Username: Specify a name to create a new user who can access the database.

  • Password: Specify the password to be used to the access the database.

  • Database Server Name: Specify a name for the Sybase SQL Anywhere database server.

Database File Location

Specify the path to where you want the ZENworks Sybase database file created. By default, the installation program creates the drive:\novell\zenworks directory for the installation of Sybase, which you can change. A \database directory is appended to the default directory.

For example,. the default path is drive:\novell\zenworks\database.

Review Database Information

Review the database configuration information.

The Server Address field displays the IP address configured in the hosts file and this does not impact the database installation. The hosts file is located in the c:\windows\system32\drivers\etc directory on a Windows device, and in the /etc/ directory on a Linux device.

The database driver information is automatically detected by the ZENworks Database installer.

Review SQL Scripts

Review the SQL scripts to be executed during the creation of the database.

Review Database Creation Command

Review the database commands used to create the database.

Sybase SQL Anywhere Database Installation Information

The information you need is listed in the order of the installation flow.

Table 3-2 Sybase SQL Anywhere Information

Installation Information

Explanation

Sybase Server Configuration

  • Server’s name: We recommend that you identify the server by its DNS name rather than its IP address, to be in sync with certificates that are signed with DNS names.

    IMPORTANT:If you later change your database server’s IP address or DNS name, make sure that your corporate DNS server is updated with this change to keep DNS for the database server in sync.

  • Port: Specify the port used by the Sybase SQL Anywhere database server. By default, it is 2638. Change the default port number if you have a conflict.

Sybase Access Configuration

This server must have a Sybase SQL Anywhere database installed. Defaults are provided for some of this information, which can be changed as necessary.

  • Database Name: Specify the name of the existing database

  • Username: Specify the user who can modify the database. The user must have read/write permissions to modify the database.

  • Password: Specify the password of an existing user with read/write permissions to the database.

  • Database Server Name: Specify the name of your Sybase SQL Anywhere database server.

Review Database Information

Review the database configuration information.

The database driver information is automatically detected by the ZENworks Database installer.

Review SQL Scripts

Review the SQL scripts to be executed during the creation of the database.

Review Database Creation Commands

Review the database commands used to create the database.

MS SQL Database Installation Information

The information you need is listed in the order of the installation flow.

Table 3-3 Microsoft SQL Server Database Information

Installation Information

Explanation

Select Database

You can choose to create a new database or connect to an existing database.

External Database Server Configuration

The database server must have an MS SQL database installed. Defaults are provided for some of this information, which can be changed as necessary.

  • Server Address: We recommend that you identify the server by its DNS name rather than its IP address, to be in sync with certificates that are signed with DNS names.

    IMPORTANT:If you later change your database server’s IP address or DNS name, make sure that your corporate DNS server is updated with this change to keep DNS for the database server in sync.

  • Port: Specify the port used by the MS SQL database server. By default it is 1433. Change the default port number if you have a conflict.

  • Named instance: This is the name of the SQL server instance that is hosting the existing ZENworks database. You must specify the named instance if you want it to be something other than the default of mssqlserver.

  • Database Name: Specify the name of the existing MS SQL database on which you want to host the ZENworks database. This option is available only for an existing database.

  • Username: Specify the user who can modify the database. The user must have read/write permissions to modify the database.

    For Windows authentication, provide a username on the current device or in the domain.

    IMPORTANT:You must ensure to provide the correct credentials because the installer wizard continues without validating the credentials. Consequently, the installation might fail towards the end of the installation process.

    For SQL authentication, provide a username that matches that of a valid SQL user.

  • Password: Type the password of user specified in the Username field.

  • Domain: It is important to know whether you installed the SQL Server by using SQL authentication, Windows authentication, or mixed. Be sure to select the option that coincides with your SQL Server options or the authentication will fail.

    If you are using Windows authentication, specify the Windows domain where the user you specified in the Username field exists. If you are not using a Windows domain, specify the server’s short name.

External Database Configuration > Database Location (applicable only for the new database)

Specify the path of the existing MS SQL database file on the SQL server. By default, it is c:\database. Ensure that the specified path exists on the device hosting the database before installation starts.

Review Database Information

Review the database configuration information.

Review SQL Scripts

Review the SQL scripts to be executed during the creation of the database. You can only view the scripts.

Oracle Database Installation Information

The information you need is listed in the order of the installation flow.

Table 3-4 Oracle Database Information

Installation Information

Explanation

Oracle User Schema Options

You can either create a new user schema or specify an existing one that resides on a server in your network. You can use the user schema to set up an external Oracle database schema for use with ZENworks.

If you are creating a new user schema, a tablespace must already exist for associating to the Oracle access user. In an existing user schema, the rights and tablespace must already be set up.

Oracle Server information

The database server must have an Oracle database installed. Defaults are provided for some of this information, which can be changed as necessary.

  • Server’s Address: We recommend that you identify the server by its DNS name rather than its IP address, to be in sync with certificates that are signed with DNS names.

    IMPORTANT:If you later change your database server’s IP address or DNS name, make sure that your corporate DNS server is updated with this change to keep DNS for the database server in sync.

  • Port: Specify the port used by the database server. By default, it is 1521. Change the default port number if you have a conflict.

  • Service Name: For a new user schema, specify the instance name (SID) on which the user schema is to be created. For an existing user schema, specify the instance name (SID) on which the user schema has been created.

Oracle Administrator (applicable only for the new user schema)

  • Username: Specify the user who can modify the database. The user must have read/write permissions to modify the database.

  • Password: Specify the password to be used to the access the database.

Oracle Access User

  • Username: For a new user schema, specify a name. For an existing user schema, specify the name of the user schema that already exists in the Oracle database.

  • Password: For a new user schema, specify a password to be used to access the database. For an existing user schema, specify the password used to access the user schema that already exists in the Oracle database.

  • Default Tablespace: For a new user schema, specify a name of the tablespace where you want the user schema to be created. For an existing user schema, specify the tablespace that contains the user schema specified in the Username field.

    By default, it is USERS.

Review Database Information

Review the database configuration information.

Review SQL Scripts

Review the SQL scripts to be executed during the creation of the database.

3.3.5 Installing Mono 2.0.1-1.17 on SLES 11

If your SLES 11 device on which you want to install ZENworks 11 Configuration Management does not have Mono installed, do the following to install Mono 2.0.1-1.17:

  1. Start the ZENworks 11 Configuration Management installation program by using one of the following methods:.

    • Graphical User Interface (GUI) installation: Mount the Novell ZENworks 11 installation DVD, then run sh /media/cdrom/setup.sh. Using the sh command resolves rights issues.

    • Command Line installation: Do the following:

      1. On the installation server, insert the Novell ZENworks 11 installation DVD.

      2. Mount the DVD.

      3. To start a command line installation, do the following:

        1. To a directory where all (including “others”) have read and execute access, either mount the DVD or copy the DVD’s files.

          This cannot be in /root or any directory under it.

          If you copy the DVD's files, make sure that all (including “others”) continue to have read and execute access to the destination directories.

        2. Run the following command:

          sh /mount_location/setup.sh -e
          
  2. Install Mono bundled with ZENworks 11 Configuration Management.

  3. (Optional) The ZENworks 11 Configuration Management installation program allows you to continue to install ZENworks 11 Configuration Management. For more information on how to install ZENworks, see Section 4.1, Performing the Installation.