1.1 Primary Server Requirements

The server where you install the Primary Server software must meet the following requirements:

Table 1-1 Primary Server Requirements

Item

Requirements

Additional Details

Server Usage

Your server might be capable of handling tasks in addition to the tasks a Primary Server performs for ZENworks 11 SP2. However, we recommend that any server where you install the Primary Server software be used only for ZENworks 11 SP2 purposes.

For example, you might not want the server to do the following:

  • Host Novell eDirectory

  • Host Novell Client32

  • Host Active Directory

  • Be a terminal server

Operating System

Windows:

  • Windows Server 2003 R2 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2003 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 SP1 / SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 SP1 x86_64 (Enterprise and Standard editions)

Linux:

  • SUSE Linux Enterprise Server 10 (SLES 10) SP3/SP4 x86, x86_64 (Intel and AMD Opteron processors)

  • Open Enterprise Server 2 (OES 2) SP2 / SP3 x86, x86_64

  • SLES 11 SP1 x86, x86_64 (Intel and AMD Opteron processors)

  • Red Hat Enterprise Linux 5.5 / 5.6 / 5.7 x86, x86_64

  • Red Hat Enterprise Linux 6.0 x86, x86_64

  • Red Hat Enterprise Linux 6.1 x86, x86_64

  • Open Enterprise Server 11 (OES 11) x86_64

All the Core and Data Center Editions of Windows Server 2003 and Windows Server 2008 are not supported as Primary Server platforms. Windows Server 2008 Core is not supported because it does not support the .NET Framework.

ZENworks 11 SP2 Configuration Management is supported on Windows Server 2003 and Windows Server 2008 editions with or without Hyper-V.

Before you install a ZENworks Server on a SLES 11 x86_64 device, you must ensure that pam-32 bit libraries are installed on the device because the CASA rpms are dependent on these libraries.

To install pam-32 bit libraries:

  1. Log in to the Linux device as the root user.

  2. Insert the Linux installation media.

  3. Run Yast to open the YaST Control Center.

  4. Click Software > Software Management.

  5. In the Search option, specify CASA and click OK to list all the CASA packages.

  6. Select the pam-32 package and click Install > Apply.

NOTE:Installation on a server in a clustered environment is not supported.

IMPORTANT:Open Enterprise Server and all x86 (32-bit) operating systems will not be supported ZENworks Primary Server platforms in ZENworks 11 SP3.

Processor

Minimum: Server-class CPU such as AMD Opteron or Intel Xeon processor.

If the Primary Server is running on a Virtual Machine, it is recommended to use a dual-core processor.

If the Primary Server is running Patch Management, we recommend a fast processor, such as the Intel Core Duo processor.

RAM

2 GB minimum; 4 GB recommended

 

Disk Space

9 GB if installing without ZENworks Reporting Server. 14 GB if installing with ZENworks Reporting Server. 7 GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

500 MB is recommended for the tmp directory. This disk space is required for rebuilding and editing the packages.

Patch Management file storage (downloaded patch content) requires at least 25 GB of additional free disk space. All content replication servers also require this same amount of additional free disk space if Patch Management is enabled. If you use Patch Management in additional languages, each server also requires this additional amount of free space for each language used.

Because the ZENworks database file and ZENworks content repository can each become very large, you might want a separate partition or hard drive available.

For information on changing the default content repository location on a Windows server, see Content Repository in the ZENworks 11 SP2 Primary Server and Satellite Reference.

For Linux servers, you might want the /var/opt directory to be located on a large partition. This is where the database (if embedded) and content repository are stored.

/etc directory requires less space.

Display resolution

1024 × 768 with 256 colors minimum

 

File System

If you have installed embedded Sybase on your device, ensure that the file system of the drive where you have installed ZENworks Configuration Management supports files with size higher than 4 GB.

 

DNS Resolution

The servers and workstations in the Management Zone must use properly configured DNS to resolve device hostnames, otherwise some features in ZENworks will not work properly. If the DNS is not properly configured, the servers cannot communicate with each other, and the workstations cannot communicate with the servers.

Server names must support DNS requirements, such as not having underscores in their names, or ZENworks login fails. Acceptable characters are the letters a-z (uppercase and lowercase), numbers, and the hyphen (-).

 

IP Address

  • The server must have a static IP address or a permanently leased DHCP address.

  • An IP address must be bound to all NICs on your target server.

Installation hangs if it is trying to use a NIC that does not have an IP address bound to it.

Microsoft .NET (Only for Windows)

The Microsoft .NET 3.5 SP1 framework and its latest updates must be installed and running on the Windows Primary Server in order to install ZENworks 11 SP2.

On Windows Server 2003/2008, you are given the option to launch the .NET installation during the installation of ZENworks. If you select the option, .NET is automatically installed.

On Windows Server 2008 R2, .NET 3.5 SP1 is available by default. However, you need to enable it. You are given the option to enable .NET during the installation of ZENworks. If you select the option, .NET is automatically enabled.

For more information on how to enable the .NET framework, see Enabling the .NET Framework in the ZENworks 11 SP2 Discovery, Deployment, and Retirement Reference.

Firewall Settings: TCP Ports

80 and 443

Inbound Port:

Port 80 is for Tomcat non-secure port and Port 443 is for Tomcat secure port.

Port 443 is also used for CASA authentication. Opening this port allows ZENworks to manage devices outside of the firewall. It is a good practice to make sure that the network is configured to always allow communication on this port between the ZENworks Server and ZENworks Agents on managed devices.

If other services are running on ports 80 and 443, such as Apache, or are used by OES2, the installation program asks you for new ports to use.

If you plan to use AdminStudio ZENworks Edition, it requires that the Primary Server is using ports 80 and 443.

Outbound Port:

Primary Server downloads patch license related information and checksum data over HTTPS (port 443), and the actual patch content files over HTTP (port 80). ZENworks Patch Management license information is obtained from the Lumension licensing server, the patch content and checksum data is retrieved from an AKAMAI hosted content distribution network (novell.cdn.lumension.com). You must make sure that the firewall rules allow outbound connections to these addresses because the patch content distribution network is a large fault tolerant network of cache servers.

Primary Server performs the ZENworks System Update Entitlement activation over HTTP (port 443) using the secure-www.novell.com website. This rule can be turned off after successfully completing the entitlement activation.

For more information, see the ZENworks 11 SP2 System Updates Reference.

Primary Server downloads system update related information and content over HTTP (port 443) using the you.novell.com website.

For more information see Managing Update Downloads in the ZENworks 11 SP2 System Administration ReferenceManaging Update Downloads in the ZENworks 11 SP2 System Updates Reference.

NOTE:You must assign the Network Interface to the firewall zone. Firewall rules are applied to this zone for managing the ports used by ZENworks 11 SP2.

 

2645

Used for CASA authentication. Opening this port allows ZENworks to manage devices outside of the firewall. It is a good practice to make sure that the network is configured to always allow communication on this port between the ZENworks Server and ZENworks Agents on managed devices.

 

5550

Used by Remote Management Listener by default.You can change this port in the Remote Management Listener dialog box in ZENworks Control Center.

Remote Management is used only with ZENworks Configuration Management.

 

5750

Used by Remote Management proxy.

Remote Management is used only with ZENworks Configuration Management.

 

5950

Used by Remote Management service by default. You can change this port in the Remote Management Settings panel of the Remote Management Configuration page in ZENworks Control Center.

Remote Management is used only with ZENworks Configuration Management.

 

7628

Used by the Adaptive Agent for Quick Tasks.

 

8005

Used by Tomcat to listen to shutdown requests. This is a local port, and cannot be accessed remotely.

 

8009

Used by Tomcat AJP connector.

 

9971

Used by AMT Hello Listener to discover the Intel AMT devices.

Firewall Settings: UDP Ports

67

Used by proxy DHCP when it is not running on the same device as the DHCP server.

 

69

Used by the Imaging TFTP, but will not work across firewall because it opens random UDP port for each PXE device.

The Imaging TFTP is used only with ZENworks Configuration Management.

 

997

Used by the Imaging Server for multicasting.

The Imaging Server is used only with ZENworks Configuration Management.

 

998

Used by the Preboot Server (novell-pbserv).

The Preboot Server (novell-pbserv) is used only with ZENworks Configuration Management.

 

1761

Port 1761 on the router is used to forward subnet-oriented broadcast magic packets for Wake-On-LAN.

 

4011

Used for proxy DHCP when it is running on the same device as the DHCP server. Make sure that the firewall is configured to allow the broadcast traffic to the proxy DHCP service.

 

13331

Used by the zmgpreboot policy, but will not work across firewall because it opens random UDP port for each PXE device.

The zmgpreboot policy is used only with ZENworks Configuration Management.

Supported Hypervisors

ZENworks server software can be installed in the following virtual machine environments:

  • VMware Workstation 6.5

  • XEN (Novell SLES 10, SLES 11 and Citrix XenServer 5.x, 6.0)

  • VMware ESX (4.1 update1, 4.1 update 2 and 5)

  • Microsoft Hyper-V Server Windows 2008 R2

  • Only released versions of guest operating systems (VMs) are supported. Experimental guest operating systems are not supported.

  • The guest operating system must match the operating system specified when creating the VM. For example, if during creation of the VM, the guest operating system is specified as Windows Server 2003, the actual guest operating system must be Windows Server 2003.

NOTE:If a Primary Server is behind a NAT firewall, the devices on the Internet or public network cannot communicate with it. To resolve the issue, you must configure additional IP addresses or DNS names for the Primary Server through ZENworks Control Center. For more information on how to configure additional access to a Primary Server, see Configuring Additional Access to a ZENworks Server in the ZENworks 11 SP2 Primary Server and Satellite Reference.