Enabling Inter-Server Communications Security

After you have exited the Inter-Server Communications Security Installation Wizard, create and distribute a Text File Changes policy that will be used to enable the security. Complete the following to create and distribute the policy:

• Creating a Text File Changes Policy for Enabling Inter -Server Communications Security
• Distributing the Text File Changes Policy

Creating a Text File Changes Policy for Enabling Inter-Server Communications Security

To create the policy:

1. In ConsoleOne, right-click the container where you want the Policy Package object stored > click New > click Policy Package.

   This starts the Policy Package Wizard.

2. Under Policy Packages, select Distributed Server Package > click Next.

3. Name the package > click Next.

   Make the package name unique to identify its purpose.

4. Click Define Additional Properties > click Finish.

5. Under the Policies tab, select the General subtab > click Add.

   This policy can apply to any platform.

6. In the Add Policy dialog box, click Text File Changes > enter a name for the policy > click OK.

   The new policy is enable and automatically selected.

7. Click Properties.

   The Text File Policy tab is displayed. Because the security=false line could exist, you need to create two text file changes in order to effectively change security from false to true.

8. Click Add > do the following:

   1. Enter  sys:\zenworks\zws\zws.properties  in the Filename field.

   2. Replace the "Change #1" text that defaults with a descriptive change tag; for example, Delete Security Line.

   3. In the Change Mode field, select Search File.

   4. In the Search Type field, select Entire Line.

   5. In the Search String field, enter  security=false.

   6. In the Result Action field, select Delete Line.

9. Click the down arrow button for the drop-down field next to the Add button > select Change > click Add > do the following:

   1. Replace the "Change #2" text that defaults with a descriptive change tag; for example, Append Security Line.

   2. In the Change Mode field, select Append to File.

   3. In the New String field, enter  security=true.

      This string is case-sensitive.

10. Click OK to save the policy > click OK.

11. Continue with Distributing the Text File Changes Policy .

Distributing the Text File Changes Policy

To distribute the new policy:

1. In ConsoleOne, right-click your TED container > click New > click Object > select TED Distribution > click OK.

2. Enter the Distribution's name.

   Make the Distribution's name unique to identify its purpose.

3. Browse for the Distributor > click Define Additional Properties > click OK.

4. Click the Type tab > in the Select Type drop-down box, select Policy Package > click Add.

5. Browse for the policy package you created in Creating a Text File Changes Policy for Enabling Inter -Server Communications Security > click Select > click OK.

6. Click the Schedule tab > click the arrow for the drop-down box of the Schedule Type field > select Run Immediately > click OK.

   This schedule type will cause the Subscriber to extract the Distribution and enforce the policy as soon as it is received.

7. Click the Channel tab > click Add > browse for the Channel > click Select > click OK.

   Make sure the Channel is listed as Active in the Channels list.

8. When finished configuring the Distribution, click OK.

   You will be prompted to resolve certificates.

9. Click Yes to resolve certificates.

   This will copy the security certificates from the Distributor to the Subscribers that are subscribed to the Channel.

After the Text File Changes policy Distributions are sent, received, and extracted on each target server, inter-server communications security is in effect.