This section describes ways to tune the ZENworks Agent. This can provide better login performance, reduced memory and CPU usage, and other benefits.
Since ZENworks 11 SP2, the ZENworks Agent includes a Network Credential Manager that supplements the ZENworks Credential Provider wrapper. Network Credential Manager facilitates passive mode authentication when users log in with any third-party credential provider.
The following capabilities are not available while using a third-party credential manager:
Dynamic Local User
Windows Roaming Profile Policies
Windows Group Policies
The Credential Manager is installed by default, but if ZENworks Credential Provider is available, it takes preference.
In your Management Zone, if you do not have any of the policies mentioned above, it is advisable to disable the ZENworks Credential Provider for an improved login experience.
To disable the ZENworks Credential Provider, set the following:
Registry Key Name: DisableZENCredentialProvider
Registry Key Path: HKLM\Software\Novell\ZCM\ZenLgn
Registry Key Type: DWORD
Registry Key Value: 1
By default, if a user source is defined in the ZENworks Management Zone, the ZENworks Agent attempts to authenticate users to the zone when they log in through the Microsoft or Novell client.
If necessary, you can disable user authentication to the zone. For example, you might have some users who only receive device-assigned content, so you do not want the overhead of having them logged into the zone.
To disable user authentication to the zone:
Locate the following key in the registry on the user’s device:
HKLM\SOFTWARE\Novell\ZCM\ZenLgn
(Conditional) If you want to disable login, add the following DWORD value:
Value name: DisablePassiveModeLogin
Value data: Any non-zero value (for example, 1, 2, 3, 100)
With login disabled, no attempt is made to authenticate to the Management Zone when the user logs in through the Microsoft or Novell client.
(Conditional) If you want to disable the ZENworks login prompt that appears when the login through the Microsoft client or Novell client fails, add the following DWORD value:
Value name: DisablePassiveModeLoginPrompt
Value data: Any non-zero value (for example, 1, 2, 3, 100)
Normally, the Agent attempts to authenticate the user to the zone by using the credentials entered in the Microsoft or Novell client. If login fails, the ZENworks login prompt is displayed in order to give the user an opportunity to authenticate with different credentials. This value setting disables the ZENworks login prompt.
ZENworks collects a lot of data from the managed device. This data is rolled up from the device to its collection server periodically. Each process that uploads data has a default interval for uploading that data. In your environment you can choose to modify these defaults. This section helps you understand how to modify them.
The default status upload frequency of the ZENworks Agent is 30 minutes. You can choose to override the default status upload frequency by configuring the following preferences on a Linux or Mac OS-X device:
On a Linux managed device, open the /etc/opt/novell/zenworks/conf/xplatzmd.properties file in a text editor.
Add the SleepTime parameter as SleepTime=nn ,where nn is the repeat frequency in minutes.
The default status upload frequency of the ZENworks Agent is 30 minutes. You can choose to override the default status upload frequency by configuring the following preferences on a Windows device:
On a Windows managed device, open the <CONF_DIR>/StatusSenderConfig.xml file in a text editor.
Provide the following values:
<configuration>
<StatusSender>
<Parameter SleepTime=nnn>
</StatusSender>
</configuration>
where nnn is the SleepTime in seconds.
The default audit upload frequency of the ZENworks Agent is 60 minutes. You can choose to override the default audit upload frequency by configuring the following preferences:
On a Windows managed device, open the <CONF_DIR>/audit/AuditLoggerConfig.xml file.
Change the following value:
<UploadIntervalInMin>nn</UploadIntervalInMin>, where nn is frequency in minutes.
Currently Linux and OS-X devices do not generate audit events.
On the managed device, ZENworks cache uses SQLite DB for persistence. SQLite has an Asynchronous IO extension to improve the performance of the write operations. This has been enabled by default and should not be turned off.
Normally, when SQLite writes to a database file, it waits until the write operation is finished before returning control to the calling application. Because writing to the file system is usually very slow when compared with CPU bound operations, this can be a performance bottleneck. The asynchronous I/O back end is an extension that causes SQLite to perform all write requests using a separate thread running in the background. Although this does not reduce the overall system resources (CPU, disk bandwidth etc.), it does allow SQLite to return control to the caller quickly, even when writing to the database.
Additional tuning can be performed by configuring the registry keys on a Windows agent. For more information see the ZENworks Registry Keys Reference.