56.6 Administering Desktop Management Preboot Services

This section includes information about administering and configuring Desktop Management Preboot Services.

It includes the following topics:

56.6.1 Configuring Preboot Services Servers in Linux

In Preboot Services, the daemons do not use switches. Instead, to configure a daemon to do something that is not a default, you need to edit the configuration files.

You can edit configuration files while the daemon is running, because the files are only read when the daemon starts. Therefore, after editing the file you must restart the daemon for the changes to take effect.

For more information on the daemon configuration files, see Section 63.6.1, Initiating the Imaging Processes on Linux Imaging Servers.

The following sections explain how to configure the following ZENworks Imaging server components:

The libzmgserv.so library file cannot be configured.

Configuring the TFTP Server

It is seldom necessary to change the default TFTP server configuration values. If you need to change them, use the following procedure:

  1. Open the following file in an editor:

    /etc/opt/novell/novell-tftp.conf
    
  2. Edit the configuration settings per instructions within the file.

    For a list of configuration parameters, see Configuring novell-tftp.

  3. Save the changes.

  4. In a shell console, enter the following command:

    /etc/init.d/novell-tftp restart
    

Configuring the Proxy DHCP Server

The Proxy DHCP server provides PXE devices with the information that they require to be able to connect to the Preboot Services system.

Use the following steps to modify the settings of novell-proxydhcp:

  1. Open the following file in an editor:

    /etc/opt/novell/novell-proxydhcp.conf
    
  2. Edit the configuration settings per instructions within the file.

    For a list of configuration parameters, see Configuring novell-proxydhcp.

  3. Save the changes.

  4. In a shell console, enter the following command:

    /etc/init.d/novell-proxydhcp restart
    

You can set any of the IP address fields in the configuration utility to 0.0.0.0. The server replaces these entries with the IP address of the first network adapter installed in the server.

Configuring Novell-zmgprebootpolicy

The novell-zmgprebootpolicy daemon is used to check if there are any imaging actions that need to be performed on the device. It forwards requests to eDirectory (the libzmgserv.so library file) on behalf of PXE devices.

Use the following steps to modify the settings of novell-zmgprebootpolicy:

  1. Open the following file in an editor:

    /etc/opt/novell/zenworks/preboot/novell-zmgprebootpolicy.conf
    
  2. Edit the configuration settings per instructions within the file.

    For a list of configuration parameters, see Configuring novell-zmgprebootpolicy.

  3. Save the changes.

  4. In a shell console, enter the following command:

    /etc/init.d/novell-zmgprebootpolicy restart
    

Configuring the DHCP Server

The DHCP server needs to have option 60 (decimal) added to the DHCP tags if the Proxy DHCP and DHCP servers are running on the same physical server. This option should be a string type and must contain the letters PXEClient.

For more information, see Network Configuration.

56.6.2 Configuring Preboot Services Servers in NetWare

After Desktop Management Preboot Services is installed, it is seldom necessary to change the default server values. If you need to change the settings, however, you can do so by editing the appropriate .ini file for the server you want to change. These .ini files can be found on the Preboot Services server in the sys:\system directory.

This section contains the following information:

Configuring the MTFTP/TFTP Module

You can set the path that the MTFTP/TFTP module uses for file access by modifying the tftp.ini file. The following options are available:

ReadPath: Set the path that the MTFTP/TFTP module uses for file access. The default value for this setting is sys:\tftp\.

WriteProtect: Set the value to 0 to cause the MTFTP/TFTP module to accept Write requests, or set the value to 1 to disallow Write requests.

NOTE:The variable names (for example, ReadPath) are case sensitive.

Configuring the Proxy DHCP Module

You can set the parameters that the Proxy DHCP module uses by modifying the pdhcp.ini file. The following options are available:

TRANSACTION_SERVER_IP: The Preboot client contacts the server on this IP address to check for imaging work.

TFTP_SERVER_IP: The PXE/Preboot client contacts the server on this IP address to download the Preboot client (dinic.sys) and the ZENworks Imaging Engine if imaging work is required.

PDHCP_Server_IP: If this address is set, the Proxy DHCP server tries to bind to this IP address on the server. The IP address set must be a valid IP address on the server.

This setting can also be used to force the Proxy DHCP server to use the virtual LAN adapter on a cluster server, rather than the physical LAN adapter of the server.

This setting can be used to force the PDHCP server to respond on only one interface on a multi-homed server.

BOOT_MENU_TIMEOUT: This setting controls how long (in seconds) the PXE boot menu is displayed while a PXE workstation boots.

USE_DHCP_PORT: Set this to 0 to bind to the BINL port (4011). This is only necessary if you are running proxy DHCP and another DHCP Server on the same machine. This setting replaces the older USE_BINL_PORT setting.

USE_MTFTP: Set this option to 0 to disable multicast TFTP transfers. This is the default setting.

Set this option to 1 to enable multicast TFTP transfers. In this mode, the PXE client waits to join a multicast group for the transfer of the initial dinic.sys file. Enabling this option adds 10 to 20 seconds to the PXE boot-up sequence, so this is not recommended.

MTFTP_IP: This value specifies the multicast IP that the server should use for MTFTP transfers.

MTFTP_SERVER_PORT: This value specifies the server port to use for MTFTP transfers.

MTFTP_CLIENT_PORT: This value specifies the client port to use for MTFTP transfers.

MTFTP_OPEN_TIMEOUT: Sets the time to wait before opening the MTFTP session.

MTFTP_REOPEN_TIMEOUT: Sets the time to wait before reopening the MTFTP session.

NOTE:The variable names (for example, MTFTP_IP) are case sensitive.

Configuring the Transaction Server Module

You can set the parameters that the Transaction server module uses by modifying the dts.ini file. The following option is available:

Server UdpPort: Set this value to the UDP port number you want to use.

NOTE:This variable name is case sensitive.

Configuring the DHCP Server

For information on running the DHCP server and Proxy DHCP server on the same NetWare 6 server, see NetWare 6.x DHCP Server.

56.6.3 Configuring Preboot Services Servers in Windows

These sections explain how to configure the following Desktop Management Preboot Services servers:

Configuring the TFTP Server

It is seldom necessary to change the default TFTP server configuration values. If you need to change them, use the following procedure:

  1. From the Windows desktop, click Start > Programs > ZENworks Preboot Services > ZENworks Preboot Services configuration > TFTP configuration to display the TFTP Configuration window.

  2. Fill in the field:

    TFTP Data Path: The data path should point to a directory where the TFTP server looks for files that are requested or written to by clients.

  3. Click Save all to save new settings.

    or

    Click Exit to close the configuration utility without saving changes.

Configuring the MTFTP Server

It is seldom necessary to change the default MTFTP server configuration values. If you need to change them, use the following procedure:

  1. From the Windows desktop, click Start > Programs > ZENworks Preboot Services > ZENworks Preboot Services configuration > MTFTP configuration to display the MTFTP Configuration dialog box.

    MTFTP Configuration window
  2. Fill in the fields:

    Multicast IP: Specify the address to be used as a destination during multicast transfers. Make sure that the address used falls within the IP address range designated for multicast. If you change this value, be sure to update the corresponding entry in the Proxy DHCP configuration.

    Server Port: Specify the port number that the server expects to receive requests on. If you change this value, be sure to update the corresponding entry in the Proxy DHCP configuration.

    Data Read Path: Specify the directory where the MTFTP server reads the files that are requested by clients.

  3. Click Save all to save new settings.

    or

    Click Exit to close the configuration utility without saving changes.

Configuring the Proxy DHCP Server

The Proxy DHCP server provides Preboot Services clients with the information that they require to be able to connect to the Preboot Services system.

Use the following steps to check the settings of the Proxy DHCP server:

  1. From the Windows desktop, click Start > Programs > ZENworks Preboot Services > ZENworks Preboot Services configuration > Proxy DHCP configuration to display the Proxy DHCP Configuration dialog box.

    Proxy DHCP Configuration window
  2. Check the fields:

    Transaction Server IP: The Preboot client contacts the server on this IP address to check for imaging work.

    TFTP Server IP: The PXE Preboot client contacts the server on this IP address to download the Preboot client (dinic.sys) and the ZENworks Imaging Engine if imaging work is required.

    Proxy DHCP IP: If this address is set, the Proxy DHCP server tries to bind to this IP address on the server. The IP address set must be a valid IP address on the server.

    This setting can be used to force the Proxy DHCP server to use the virtual LAN adapter on a cluster server, rather than the physical LAN adapter of the server.

    This setting can also be used to force the PDHCP server to respond on only one interface on a multi-homed server.

    All of the MTFTP settings in this dialog box should be the same as the settings that appear in the MTFTP Configuration Utility. Do not modify the MTFTP Client Port, MTFTP Open Timeout, MTFTP Reopen Timeout, and PXE Boot Menu Timeout settings from their default values.

  3. Click Save All to save new settings.

    or

    Click Exit to close the configuration utility without saving changes.

You can set any of the IP address fields in the configuration utility to 0.0.0.0. The server replaces these entries with the IP address of the first network adapter installed in the server.

Configuring the DHCP Server

The DHCP server needs to have option tag 60 (decimal) added to the DHCP tags if the PDHCP and the DHCP servers are running on the same physical server. This option should be a string type and must contain the letters PXEClient.

For more information, see Windows 2000 Advanced Server.

56.6.4 Configuring IP Port Usage

This section describes the network ports used by Desktop Management Preboot Services. Using this information in this section, you can configure routers or firewalls to correctly forward the network traffic generated by Preboot Services.

Port usage for Linux imaging servers cannot be changed. For further information about configuring routers, see Section 56.4, Deploying Desktop Management Preboot Services in a Routed or Subneted Network Environment.

Available Ports

This section describes the network ports used by ZENworks Desktop Management Preboot Services. Using the information in this section, you can configure routers to correctly forward the network traffic generated by Preboot Services. For further information about configuring routers, see Section 56.4, Deploying Desktop Management Preboot Services in a Routed or Subneted Network Environment.

Desktop Management Preboot Services uses both well-known and proprietary IP ports.

The well-known IP ports include:

  • 67 decimal: The Proxy DHCP server listens on this port for PXE information requests. This is the same port used by a standard DHCP server.

  • 68 decimal: The DHCP/Proxy DHCP server listens on this port for client requests.

  • 69 decimal: The TFTP server listens on this port for file requests from PXE or Preboot Services clients. However, this port will not work across firewall because the TFTP server opens random UDP port for each PXE device.

  • 111 decimal: Port mapper port. Refer to RFC 1057. for a description of this server.

  • 4011 decimal: When running on the same server as the DHCP daemon, the Proxy DHCP server listens on this port for PXE information requests.

For NetWare and Windows imaging servers, the proprietary IP ports include:

  • 360 decimal: The MTFTP server listens on this port for MTFTP requests from PXE or Preboot Services clients.

  • 4011 decimal: The Proxy DHCP server uses this port to communicate with PXE clients, but only when running on the same server as the standard DHCP server.

  • 18753 decimal: Transaction server client connection port. The Transaction server receives all connection requests from the Preboot Services clients on this port.

For Linux imaging servers, the proprietary IP ports include:

  • 998 decimal: Imaging client connection port. eDirectory (libzmgserv.so) receives all connection requests from the Preboot Services devices on this port.

  • 13331 decimal: novell-zmgprebootpolicy client connection port. The novell-zmgprebootpolicy daemon receives all connection requests from the PXE devices on this port. However, this port will not work across firewall because the daemon opens random UDP port for each PXE device.

Although PXE devices make their initial requests to the novell-tftp and novell-zmgprebootpolicy daemons on the ports listed above, the remainder of the transactions can occur on any available port. For this reason, ZENworks Imaging servers cannot be separated from their clients by a firewall.

IMPORTANT:The novell-tftp and novell-zmgprebootpolicy daemons are not firewall or network filter friendly. You should not attempt to run these daemons through a firewall. If users need to pass preboot work through a firewall, then all Preboot Services work needs to be on the outside and merely reference a Web service inside the firewall.

Changing Port Usage in NetWare

  1. Edit the dts.ini file located in the same directory as the dts.nlm module.

  2. Set ServerUdpPort to the port number you want to use.

  3. Stop and start dts.nlm for the changes to take effect.

Changing Port Usage in Windows Server

The Transaction server and MTFTP server can be configured to use different ports if necessary. To change the port, use the following procedure:

  1. From the Windows server desktop, click Start > Programs > ZENworks Preboot Services > ZENworks Preboot Services configuration > preboot_service_configuration.

  2. Change the relevant settings in the configuration.

  3. Stop and start the servers for the changes to take effect.