3.5 Management Server

The following sections contain more information:

3.5.1 Viewing Network Settings

To view MS status:

Home window>>System configuration>>Management server

Figure 3-8 System Configuration, Management Server

  1. Server status is shown in the Network settings area.

  2. Click ok or cancel.

3.5.2 Modifying MS Network Settings

IMPORTANT:Back up your system immediately after changing the MS or ES IP address. If you do not back up with the new IP address, and later restore your system, it will restore the previous IP address which can show an ES error condition and cause authentication problems. See Section 3.15, Maintenance for instructions on backing up and restoring your system.

To modify MS network settings:

Home window>>System configuration>>Management server

WARNING:Changing the MS network settings will cause the network interface to restart.

  1. Click edit network settings in the Network settings area.

    Figure 3-9 Management Server Network Settings

  2. Enter the values you want to modify:

    • Enter a new name in the Host name text field. For example, garp.mycompany.com

      NOTE:Select names that are short, easy to remember, have no spaces or underscores, and the first and last character cannot be a dash (-).

    • Enter a new address in the IP address text field. For example, 192.168.153.35

    • Enter a new netmask in the Network mask text field. For example, 255.255.255.0

    • Enter a new gateway in the Gateway IP address text field. For example 192.168.153.2

    • Enter one or more DNS resolver IP addresses, separated by commas, semicolons, or spaces in the DNS IP addresses text box. For example: 10.0.16.100,10.0.1.1

  3. Click ok.

3.5.3 Selecting a Proxy Server

Connecting to the Internet is necessary for updating tests, validating license keys, and sending support packages.

To select a proxy server:

Home window>>System configuration>>Management server

  1. Select Use a proxy server for Internet connections.

  2. Enter the IP address or hostname of the server that will act as the proxy for Internet connections in the Proxy server IP address text field.

  3. Enter the port used for connecting to the proxy server in the Proxy server port text field.

  4. If your proxy server requires authentication, select the Proxy server is authenticated check box.

    1. Authentication method — Select the scheme used to authenticate credentials on the proxy server. The following methods are supported:

      • Basic (not recommended) — The original and most compatible authentication scheme for HTTP. Also the least secure because it sends the user ID and password to the server unencrypted.

      • Digest — Added in the HTTP 1.1 protocol, this scheme is significantly more secure than basic authentication because it never transfers the actual password across the network, but instead uses it to encrypt a "nonce" value sent from the server.

      • Negotiable — Using this scheme, the client and the proxy server negotiate a scheme for authentication. Ultimately, either the basic or digest scheme will be used.

    2. Enter the ID of a user account on the proxy server in the User name text box.

    3. Enter the password of the user account specified in the User name text box in the Password text box.

    4. Re-enter the password.

  5. Click ok.

3.5.4 Setting the Date and Time

The Date and time area allows you to configure the following:

  • Allow automatic synchronization with an NTP server

  • Manually set date and time for the MS

  • Edit date and time:

    • Set time zone

    • Set date

    • Set time

NOTE:Date and time settings are applied to the MS; however, you can set the time zone for each ES.

3.5.5 Automatically Setting the Time

To automatically set the time:

Home window>>System configuration>>Management server

  1. Select Automatically receive NTP updates from and enter one or more Network Time Protocol (NTP) servers, separated by commas. The NTP protocol allows Novell ZENworks Network Access Control to synchronize its date and time with other endpoints on your network. For example, time.nist.gov.

  2. Click ok.

HINT:Use of NTP is strongly recommended.

3.5.6 Manually Setting the Time

To manually set the time:

Home window>>System configuration>>Management server

  1. Select Manually set date & time.

  2. Click edit. The Date and time window appears:

    Figure 3-10 Date & Time

  3. Select the correct date and time.

  4. Click ok.

  5. Click ok.

IMPORTANT:Manually changing the date/time (other than a time zone change) a large amount will require a restart of all servers. Rolling back the clock will have adverse effects on the system.

3.5.7 Selecting the Time Zone

To set the time zone:

Home window>>System configuration>>Management server

  1. Select the following:

    1. Select a region from the Region drop-down list in the Date and time area.

    2. Select a time zone from the Time zone drop-down list.

  2. Click ok.

3.5.8 Enabling SNMP

To select SNMP settings:

Home window>>System configuration>>Management server>>SNMP settings

  1. Select the Enable SNMP check box to select the SNMP settings.

    1. Enter the SNMP read community string.

    2. Enter the SNMP allowed source network. The value must be either “default” or a network specified in CIDR notation.

  2. Select the Outgoing SNMP notifications check box.

  3. Enter a comma-separated list of IP address or hostnames that can receive the SNMP notifications.

  4. Enter the community string used to authorize SNMP notifications from Novell ZENworks Network Access Control.

  5. Select one or both of the following:

    1. Select the Resend notifications check box and enter the resend interval, for example 60.

      NOTE:NAC policy tests can be configured such that if an endpoint fails the test, it will be granted network access temporarily. In these cases, it might be desirable not to send an SNMP notification.

    2. Select the Do not send notifications when an endpoint has been granted temporary network access check box to disable these notifications.

3.5.9 Modifying the MS root Account Password

To change the MS root account password:

Home window>>System configuration>>Management server

  1. Enter the new password in the Root password text box in the Other settings area.

  2. Re-enter the password in the Re-enter root password text box.

  3. Click ok.

3.5.10 Checking for Novell ZENworks Network Access Control Upgrades

To check for system upgrades:

Home window>>System configuration>>Management server

  1. Click check for upgrades in the System upgrade area. A progress window appears.

  2. If your license is expired, you will get a System upgrade error window that provides instructions on how to renew your license.

  3. A status window appears indicating if upgrades are available.

    1. If no upgrades are available, click ok to clear the status window.

    2. Click ok to return to System configuration.

    3. If an upgrade is available, click yes to upgrade your system.

IMPORTANT:Installation of an upgrade can take several hours to download all the software. You can continue to use Novell ZENworks Network Access Control during the download process. Novell ZENworks Network Access Control will automatically shutdown and restart after the software downloads.

HINT:Since upgrading can take longer than the default timeout (45 minutes) setting of the Novell ZENworks Network Access Control Update, Novell recommends that you increase the timeout value when you have limited bandwidth by performing the steps described in Section 3.5.11, Changing the Novell ZENworks Network Access Control Upgrade Timeout.

3.5.11 Changing the Novell ZENworks Network Access Control Upgrade Timeout

Since upgrading can take longer than the default timeout (45 minutes) setting of the Novell ZENworks Network Access Control Update, Novell recommends that you increase the timeout value when you have limited bandwidth by performing these steps.

To change the inactivity timeout value for upgrades:

Command window

  1. Log in to the Novell ZENworks Network Access Control server as root, either using SSH or directly with a keyboard.

  2. Enter the following at the command line:

    setProperty.py -m Compliance.UpgradeManager.UpgradeTimeout=<minutes>

    Where:

    <minutes> is the number of minutes of inactivity Novell ZENworks Network Access Control will wait before assuming the upgrade failed. For example, 30. The default value is 45.