Content Blackout Schedule

You should define a Management Zone setting only if you are sure that you want to use this setting for all devices. In normal environments, you should not use a common blackout schedule for all devices.

A content blackout schedule is needed only for special devices, such as device in the finance department or production PCs that are used for controlling production processes.

The following graphic shows a corporate (global) blackout schedule of the last Friday of every month, from 12:00 a.m. until 7:00 a.m. In this case, no content is sent to managed devices during this time.

Figure 4-3 Blackout Schedule in ZENworks Control Center

For more information, see Management Zone Settings in the ZENworks 10 Configuration Management System Administration Reference.

ZENworks Explorer Configuration

This setting defines the uninstall feature. If your customer does not need to uninstall applications, disable this feature in your Management Zone.

Figure 4-4 General Section in ZENworks Control Center

For more information, see Content Settings in the ZENworks 10 Configuration Management System Administration Reference.

System Variables

System variables are used to define paths, names, and other items in your system. In addition to the predefined variables, Novell recommends using variables in bundles. This makes it much simpler to create, manage, and deliver applications moving forward. You need to standardize on this early and stay with your standard.

Common variables are SOURCE_PATH or TARGET_PATH

The following is an example of system variables that are set at the Management Zone level. These can then be used in bundles for distribution. Because these are set at the Management Zone level, it is assumed that these variables are resolvable on any device registered in the Management Zone.

Figure 4-5 System Variables in ZENworks Control Center

For more information, see Content in the ZENworks 10 Configuration Management System Administration Reference.

Content Replication Schedule

The content replication schedule defines how often a Primary Server that has assigned content checks the database for updates (new content or deleted content).

Novell recommends changing the default value (5 Minutes) to at least 30 minutes to protect the system from heavy loads that could lead to utilization issues. This gives you enough time to ensure that content is always up-to-date across all your systems in the Management Zone.

Figure 4-6 Content Replication Schedule in ZENworks Control Center

Local Device Logging

Use a severity setting of Error for log messages. If you set the severity to Warnings and Above, you might end up collecting more data than you really need. If you understand the errors you are encountering, this is more than enough for troubleshooting your infrastructure.

This settings page allows you to set the rollup schedule for a specific time or date. We recommend that you create a new log file every day to ensure accurate information for troubleshooting purposes.

Figure 4-7 Log Settings in ZENworks Control Center

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Device Refresh Schedule

Use the default schedule as a starting point. Discuss the schedules with your customer and adjust according to their needs. This information should have been collected during the assessment phase of your project. Remember, shorter refresh schedules means more frequent ZENworks Configuration Management traffic on the network. This could cause issues with over-utilization of available bandwidth. Make sure you involve the network management team when you decide on this setting.

Short refresh times for a large number of devices can also cause extensive server load, which might cause distribution failures or failures at the server side (uploading inventory and so forth).

Use random refresh rates to future prevent server overload during peak periods. This setting can be instrumental in increasing the scalability of the infrastructure components. Remember, the tests Novell performs in the SuperLab are designed to test the breaking point of the components. In the real world, thousands of devices should not regularly contact a server in the Management Zone.

Figure 4-8 Device Refresh Schedule in ZENworks Control Center

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Device Removal Schedule

This setting needs to be discussed in detail with the customer during the assessment and design phases to ensure that you are removing devices that should be removed. You want to avoid removing devices that have been inactive for a certain number of days because the inactivity might result from circumstances such as maternity leave or a leave of absence. The customer should be able to give you the details on how long these situations should last, and what is acceptable. After you have this information, you can configure the schedule appropriately.

Take the following into consideration when setting up the schedule:

If devices are to be flagged for removal and not actually removed from the Management Zone, these devices can be easily found by specifying the Device State as Lost when searching for devices.

If you are required to report on all devices, even if they are not active on the network, managed devices can be “retired” instead of removed. When a managed device is retired, its identity and inventory information is retained but all policy and bundle assignments are removed. A retired device is in a holding state until you unretire or delete the device from the Management Zone.

For more information on retiring devices, see Retiring or Unretiring Devicesin the ZENworks 10 Configuration Management Discovery, Deployment, and Retirement Reference.

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Dynamic Groups Refresh Schedule

Novell recommends the use of dynamic groups wherever possible. The membership of these groups is recalculated on a regular basis to get the expected (and accurate) results.

For your initial configuration, Novell recommends a daily refresh schedule (All days of the Week). This ensures that the membership lists of the dynamic groups accurately represent what you have registered in the system.

Figure 4-9 Refresh Schedule in ZENworks Control Center

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Closest Server Rules

Understanding and configuring Closest Server Rules is essential to a successful ZENworks Configuration Management infrastructure. Closest Server Rules are used to inform devices which Primary Servers and Satellite Devices to contact and in which order. This should take into account placement of ZENworks Primary Servers and Satellite devices. These rules might change as the design changes, so ensure that the requirements are tracked.

General rules to follow include:

Figure 4-10 Closest Server Rules in ZENworks Control Center

Within each rule, there is a Server list for each function that a ZENworks Primary server performs for the agent (Collection, Configuration, and Content). Each server list is ordered and the devices use this order for failover in case of high server utilization or a server-down scenario.

To balance the load, we recommend using Closest Server Groups. A Server Group is a list of Primary servers and Satellite devices that can be accessed in a random order. By randomizing server access, it is possible to balance the number of requests sent to each ZCM Server listed in the group.

Figure 4-11 Closest Server Groups

If load balancing and fault tolerance is a fundamental requirement of the infrastructure, the best way to achieve it is though a Layer 4 (L4) switch. An L4 switch can front either Primary Servers or Satellite devices, or both, in order to guarantee results when directing traffic to the devices behind the switch. Most importantly, it ensures that services are always available to the end user community. If you use an L4 switch, ensure that it is properly configured. If the switch is not properly configured, the traffic is not properly directed, and there might be issues with connections, responses, and so forth.

The Layer 4 switch is configured in the Closest Server Rules in a similar way to the Closest Server Groups. When prompted, specify the Layer 4 definition name, which must be either the DNS name or IP address of the Layer 4 virtual device.

Keep in mind the following considerations:

If there are no matching Closest Server Rules for a given device, the managed device falls back to the default Closest Server Rule. This rule is an ordered list of all the ZENworks Configuration Management Primary and Satellite devices installed in the Management Zone. The list must be ordered so that all the ZENworks Configuration Management Primary Servers are at the top and all the ZENworks Configuration Management Satellite devices are at the bottom.

You might want to exclude the default Closest Server Rule for the following reasons:

If there are duplicate addressing schemes within the environment, such as if two remote sites both use NAT (Network Address Translation) and the internal IP address scheme for both networks is 192.168.0.0, it is not possible for a Closest Server Rule to differentiate between the two subnets. The solution is to configure Closest Server Rules for each of these subnets at the folder level and override the Management Zone settings. This is successful only if the ZENworks folder structure ensures that the device objects for the two subnets are in separate folders.

Figure 4-13 Effective Closest Server Rules

Closest Server Rules can be configured at three levels: Management Zone, Folder and Device. The rules are evaluated on the device first. If no matching rule is found, the device's folder is evaluated. If there is no match on the device or the folder, the Management Zone rules are evaluated. Finally, if the Management Zone Closest Server Rules are not applicable, the default Closest Server Rules are used. For the diagram above, the order of evaluation is Rule1, Rule2, Rule3 .

For more information, see Infrastructure Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Client Retries

At every client refresh, all Primary Servers and Satellite devices are marked as Unknown. When a particular module requires a service, the Connection Manager (based on the Closest Server Rules) makes a call to the first Primary Server or Satellite device hosting this service. If a Primary Server or Satellite device is down or is not contactable, it is immediately marked as Bad. If it is in a Busy state, it returns a busy error and the client waits and retries again.

There are three settings that control how many times and for how long a managed device should wait before marking a Primary Server or Satellite device as Bad and then moving to the next Primary Server or Satellite device in the closest server rule. These three client settings are available in ZENworks Control Center, under Configuration > Device Management > ZENworks Agent.

Figure 4-14 Client Retry Settings

If a Primary Server or Satellite device is contactable but busy, a client waits for the initial wait period, retries, increments the wait interval by the value specified, then retries again. This process continues until the number maximum retries has been reached or until the connection load on the server goes down. The default settings in ZENworks Configuration Management are 20 retries, an initial wait time of 10, and a maximum wait time of 20. This means that a device waits a maximum of 345 seconds before marking a busy Primary Server or Satellite device as Bad. All the HTTP or HTTPS calls are sequential, so if the closest server rules are correctly configured, the wait should be very short. Connecting to a different Primary Server or Satellite device might not be the best option because it might be overloaded or across a low-bandwidth, high-latency connection.

These settings should be based on the placement of Primary Servers and Satellite devices within the environment. If there are many Primary Servers in a location connected to the clients by high-bandwidth, low-latency links, these settings can be lowered. If there are fewer Primary Servers and clients connecting over low-bandwidth, high-latency links, or to a Satellite device across a WAN, these settings can be increased to “wait out” the busy period. These settings can be overridden on the device or folder level.

During Novell testing, retries were set at 60/30/60. A server was never marked as Bad, and all content was delivered. No degradation of performance at the client was observed when the retries were set high.

Inventory Schedules

Inventory scan frequency depends on how often the hardware and software in the environment changes, and how accurate the information needs to be. Under normal circumstances, it should be adequate to collect inventory data on a weekly, biweekly, or monthly basis, but this might not be sufficient for all deployments. Be aware of the workload placed on the ZENworks Primary Servers. Every inventory scan a device does must be processed by the ZENworks Primary Server and stored in the ZENworks database. Ensure that the schedule does not unnecessarily scan thousands of devices on a daily basis, but if this is necessary, closely monitor the load and performance of both the Primary and database servers. Inventory schedules can be set at the Management Zone folder, and device level. We recommend that you configure inventory schedules on a folder basis to ensure that the load is spread through a given time period. If you must immediately update the inventory of a device, a scan-now request can be sent to the device via ZENworks Control Center.

For a weekly scan, select a day that is most likely to capture the largest number of devices connected to the network. To capture all workers, consider doing a scan on every fifth day so that all days are eventually targeted.

For restricted scan times, use the random wait time carefully. If a scan window of 9:00–17:00 is configured with the Randomize scan time option, devices that disconnect during this period might not be scanned. This can cause many to consistently miss their scans. The Process immediately if device unable to execute on schedule option instructs any device that missed the schedule to scan when it next connects to ZENworks. This is useful for ensuring that devices perform an inventory when they are offline during their assigned inventory schedule.

Use a schedule that best fits the environment and avoiding restricting the scan times severely. A very small “scan potential” window can lead to many devices not performing regular inventory scans.

If some devices are always on, consider starting the scan schedule before or after normal office hours, so these devices can be processed when there is low utilization.

We recommend using a combination of inventory reporting and the advanced device search function to compare last scan dates with last contact dates, so you can ensure that devices are being scanned according to their schedules.

Figure 4-15 Scan Schedule in ZENworks Control Center

For more information, see Inventory Settings in the ZENworks 10 Configuration Management System Administration Reference.

Default Deployment Packages

The best option for accessing the default deployment packages is through ZENworks Control Center:

We recommend using one of the following deployment methods:

For all methods you must have registration keys in place as described in Section 4.2.7, Registration Rules and Keys.

For more information, see the ZENworks 10 Configuration Management Discovery, Deployment, and Retirement Reference.

Custom Deployment Packages

During the ZENworks Configuration Management installation, default ZENworks Adaptive Agent deployment packages are created. These packages are tied to the ZENworks Primary Server and contain the URI from this server to register devices. There are no registration keys configured and the registration process use default rules to register devices.

It is best practice to always use custom deployment packages when pushing the ZENworks Adaptive Agent to your discovered or imported devices. You should avoid the use of the default Agent deployment packages that are created because these include only default parameters that likely do not meet the needs of the customer.

You must be familiar with these concepts before testing begins.

Registration Rules

If you don’t want to enter a registration key during deployment, or if you want devices to be automatically added to different folders and groups based on predefined criteria (for example, operating system type, CPU, or IP address), you can use registration rules.

ZENworks Configuration Management includes a default registration rule for servers and another one for workstations. If a device registers without a key, the default registration rules are applied to determine the folder and group assignments. The two default rules cause all servers to be added to the /Servers folder and all workstations to the /Workstations folder.

The two default rules are designed to ensure that no server or workstation registration fails. Therefore, you cannot delete or modify these two default rules. You can, however, define additional rules that enable you to filter devices as they register and add them to different folders and groups. If you’ve established folders for devices with similar configuration settings and groups for devices with similar assignments, newly registered devices automatically receive the appropriate configuration settings and assignments.

For more information, see Registration Rules in the ZENworks 10 Configuration Management Administration Quick Start.

Registration Keys

A registration key is an alphanumeric string that you manually define or randomly generate. During deployment of the ZENworks Adaptive Agent on a device, the registration key must be provided. When the device connects to a ZENworks Server for the first time, the device is added to the folder and groups defined within the key.

You can create one or more registration keys to ensure that devices are placed in the desired folders and groups. For example, you might want to ensure that all of the Sales department’s workstations are added to the /Workstations/Sales folder but are divided into three different groups (SalesTeam1, SalesTeam2, or SalesTeam3) depending on their team assignments. You could create three different registration keys and configure each one to add the Sales workstations to the /Workstations/Sales folder and the appropriate team group. As long as each workstation uses the correct registration key, it is added to the appropriate folder and group.

For more information, see Registration Keys in the ZENworks 10 Configuration Management Administration Quick Start.

Recommendations Regarding Registration

Based on your final folder and groups design, we recommend that you create registration keys for each folder you have created or defined.

The following graphic illustrates using registration keys to place devices in folders.

Figure 4-16 Registration Section in ZENworks Control Center

New York City: Registers to folder New York City below USA.

France: Registers to folder Paris below France.

In combination with dynamic groups that are based on departments, it is possible to manage device registration very easily. You use these keys in your deployment packages to auto-register all devices in your Management Zone.

Registration

You should enable dynamic device renaming, which is disabled by default.

This feature provides a very flexible way to handle some desktop management processes such as renaming or re-installation. During the ZENworks Configuration Management framework-based installation process, the device name changes to a randomly generated name, but if this feature is place and you have a working imaging partition, all references are automatically maintained by the ZENworks Adaptive Agent registration process.

This prevents having duplicated device entries and GUIDs in the database.

Figure 4-17 Registration in ZENworks Control Center

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Security

To prevent unauthorized access to the managed device, the Remote Management service on the managed device uses the following modes of access:

Performance

The performance features are enabled by default in the Remote Management policy or configuration page. They can be disabled, but we do not recommend doing this.

For more information, see Device Management Settings in the ZENworks 10 Configuration Management System Administration Reference.

Software File Information

Select the Collect Software File Information option only if you must identify software products that aren’t recognized by the ZENworks Knowledgebase. This option forces a very granular collection of inventory information, which has performance impacts throughout the ZENworks infrastructure. If you must create local software products based on software file information, we recommend that you override inventory settings only on the individual target devices.

Figure 4-18 Inventory Scan Settings

For more information, see Creating Local Software Products in the ZENworks 10 Configuration Management Asset Inventory Reference

Collection Data Form Schedules

The collection data form is used to collect demographic information for a device or user. The information can be collected on several schedules or events, or it can be collected manually. You can also use the Scan Now, First Scan, or Recurring Scan options. This information can be very useful when attempting to identify where devices are located and who is using them.

Select a schedule that best fits your requirements. Collecting this information on a monthly basis should be a good choice. Ensure that you run a new collection after a change, such as a move or user change.

Use the auto-fill function to avoid user input. System variables and registry settings can be used to silently collect the demographic data. These variables or settings can be delivered through the install process or through bundles. Administrator-defined fields should be created to collect additional information.

For more information, see Scanning Demographic Data in the ZENworks 10 Configuration Management Asset Inventory Reference

Recommendations for Organizing Bundles

Every organization is different and has different requirements for organizing content. The important thing to keep in mind is that you should always organize your content according to how your organization views it. If you do not organize the content and simply put everything into the default folder, it becomes unmanageable within a very short time.

Keeping this in mind, some best practices for organizing your bundle objects include:

The ZPM folder is an auto-generated folder that contains all patch-service related bundles. Although the bundles in this folder can be changed and additional ones created, we recommend that you do not change the folder and the bundles within it.

We recommend that you create folders under the base Bundles folder to group imaging and application bundles together. The following list provides examples of the types of folders that can be created:

Categorizing application and imaging bundles into separate folders also allows for administrator roles to be created so you can limit the bundles that an administrator can edit or assign to devices.

Figure 4-19 Bundle Folders in ZENworks Control Center

The important thing is to arrange your content with your company organization in mind. This might be different with each company or site. This information should be gathered during the design phase of the project and detailed in the design document.

For more information, see Managing Folders in the ZENworks 10 Configuration Management Software Distribution Reference.

Bundle Groups

In addition to using folders, it is a good idea to create bundle groups for some applications to make assignments easier. Each group contains a set of bundles that belong together. These groups can be organized for special functions or tasks.

The following are some examples of how you might want to leverage bundle groups to keep things simple:

The following is a graphical representation of how you might want to leverage bundle groups:

For more information, see Managing Bundle Groups in the ZENworks 10 Configuration Management Software Distribution Reference.

Assigning Bundles

A major feature in ZENworks Configuration Management is the ability to inherit assignments from multiple places within the system. With this feature, it is very easy to assign a bundle or bundle group to many devices in seconds. You do not need to assign bundles to each device, which saves time and money.

Based on your folder and group design, we recommend that you use folder or group assignments instead of direct assignments. Use these indirect assignments wherever possible to increase speed and reduce administration effort. If you utilize folders and groups for as many of your assignments as possible, you can deliver updates to hundreds of devices when you need to get them there, even immediately.

Best practices on how to leverage folders and groups include:

For more information, see Managing Bundles in the ZENworks 10 Configuration Management Software Distribution Reference.

Importing and Exporting Bundles

Novell best practice dictates that a new application or change to an existing application in the environment should use a testing phase that does not affect the production network. We recommend that a development zone (DEV-ZONE) be created with its own ZENworks Configuration Management structure that mirrors the production network. After an application has been approved for production deployment, it should then be moved from the DEV-ZONE to the production zone (PROD-ZONE). Currently there is no way to export MSI files from the Content Repository, so we recommend that all source files are retained; otherwise, there will be no source to be imported into production (see TID 7002543 on the Novell Support page).

To export bundles:

Application Delivery Mechanism

There are a number of different methods to deliver content to your managed devices with ZENworks Configuration Management.

Recommendations for Managing Policies

Organizing policies into folders and policy groups makes it easier to manage the assignment process to devices and users. When managing policies, you should consider the following items:

When managing policies, you should:

Advantages to Assigning Group Policies through ZENworks Configuration Management

With ZENworks Configuration Management, you can use plural group policies, meaning you can layer multiple group policies on top of each other, applying what is referred to as effective policies at the endpoint level. Using ZENworks Configuration Management to do this allows you to handle roaming users effectively, making policies available to end users no matter where they are logging in from. Most organizations use group policies to manage the look and feel of the user's desktop experience. There are two choices when it comes to using Group Policies in your environment:

Foundry Networks ServerIronXL Configuration

The following example shows the configuration requirements for a Foundry Networks ServerIronXL switch that was used for testing purposes in the Novell SuperLab. Other vendor products are similar when it comes to configuration and the parameters used. Refer to vendor documentation for further details.

ServerIron#sh run
Current configuration:
!
ver 07.3.03T12
no global-stp
global-protocol-vlan
!
server predictor round-robin
server sticky-age 2
server source-nat
server source-ip 151.155.184.107 255.255.252.0 151.155.187.254
!
server real r-ps-1 151.155.184.109
   source-nat
   port http
   port http keepalive
   port http url "HEAD /"
   port http status_code 100 499
   port ssl
   port ssl keepalive
!
server real r-ps-2 151.155.184.110
   source-nat
   port ssl
   port ssl keepalive
   port http
   port http keepalive
   port http url "HEAD /"
   port http status_code 100 499
!
server virtual ps-v1 151.155.184.108
   port ssl sticky
   port http sticky
   track-group http 443
   bind ssl r-ps-1 ssl r-ps-2 ssl
   bind http r-ps-1 http r-ps-2 http
!
vlan 1 name DEFAULT-VLAN by port
   no spanning-tree
!
boot sys fl sec
ip address 151.155.184.107 255.255.252.0
ip default-gateway 151.155.187.254
snmp-server community ..... rw
!
end

Summary of Configuration Settings

Configuring the Closest Server Default Rule

In addition to setting up and configuring the L4 switch, you need to also configure the Closest Server Default Rule. For more information, see Setting Up Closest Server Rules in the ZENworks 10 Configuration Management System Administration Reference.

Configuring an L4 Switch Definition from Selected Servers

Additional Details

Defining the What in Content Management

An important improvement in Content Management is the ability to define content replication at the bundle-folder level. This ability provides several advantages over previous releases of ZENworks Configuration Management because it allows groups of applications or patches to be sent to sites with a few mouse clicks.

To define the Satellite devices to which the content located in the folder should be replicated, click the Details hyperlink of any bundle folder and click the Settings tab. If bundles are subsequently created in the folder, the content synchronization rules of the bundle folder are automatically applied.

In the following screen shot, all bundles in the Human Resources bundle folder are sent to the Stockholm remote office. A bundle created in the Human Resources bundle folder is automatically marked as included for the Stockholm location.

Figure 4-21 Satellite Server Replication

The technique of configuring content synchronization at the bundle-folder level is particularly useful when dealing with patches. As patches are stored in bundle folders organized by vendor, and then by month or year of release, groups of related patches can be sent to a given site in one operation. For example, automatically synchronizing all Microsoft patches for the previous month is extremely easy because this can be accomplished by configuring the relevant ZENworks Patch Management bundle folder, as displayed in the following screen shot:

Figure 4-22 Bundle Folder Settings

Organizing Bundles

Before considering content management, you should organize bundles into separate folders for ease of administration. Bundles can be grouped into folders by function, such as “Productivity Applications,” “Collaboration Applications,” or by business function, such as “Finance Applications” and “Human Resources Applications.” Introducing content control at the bundle-folder level means that the decision of how to organize bundles can also take into account the locations that the applications will be accessed from. For example, if a particular remote location has specific application needs unique to that site, consider creating a bundle folder for that location, thus allowing the content settings to be configured once for the core applications for that site.

If bundles are to be presented to users in the Windows Start menu, the default folder structure is a mirror of your bundle folder structure. For example, if the Novell Pulse Login bundle is associated with a user or device and instructed to be included in the Start menu, the Start Menu displays Core Applications > Collaboration Applications > Novell Pulse Login.

Figure 4-23 Organizing Bundles

This behavior can be overwritten in each bundle object, allowing the administrator to define for each bundle what the Windows Start menu structure should look like. This process can be cumbersome for each bundle; therefore you must consider the balance needs of content replication, ease of administration, and end-user presentation to decide about the folder structure for your bundle objects.

Defining the How in Content Management

ZENworks 10 Configuration Management SP3 introduces power mechanisms for granular control over what content should be hosted at specific locations. When you distribute content to Satellite locations, the concept of creating a window of opportunity for synchronization becomes very important. A window of opportunity involves the definition of window of time and the amount of bandwidth available to transfer a particular piece of content. In the previous versions of ZENworks Configuration Management, all content was treated the same way; however, in ZENworks 10 Configuration Management SP3, several content types are exposed in the ZENworks Control Center.

After you have defined what content should be available, the next stage is to define how and when it gets to the defined locations. For each content type, the administrator can specify the window of opportunity for synchronization, the recurrence period, and the bandwidth to be consumed during these operations. Administrators can now ensure that other services at remote sites are not affected by content delivery. If the window of opportunity and throttled bandwidth rate is not sufficient to completely synchronize all content, the process resumes from where it stopped when the window of opportunity opens again.

The following screen shot shows that Critical Security Patches have the opportunity to synchronize every 4 hours for up to 2 hours, consuming only 300 KB/s during the transfer.

Figure 4-24 Content Type Replication Settings

In this scenario, the customer wants to ensure that critical security patches are available promptly but still wants to protect bandwidth at the same time. If the content to be synchronized takes only 10 minutes to complete, the window of opportunity closes after 10 minutes. If the transfer takes more than 2 hours, the remainder of the content is synchronized 2 hours later when the next window of opportunity opens, because of the 4-hour interval.

Critical Information Required To Determine Content Synchronization Settings

Before defining the content rules for a given location, you must collect the following information:

The following screen shot shows that each content type can be configured with its own window of opportunity so that it can accommodate any customer requirement.

Figure 4-25 Content Type Configuration

ZENworks Configuration Management offers the administrator significant flexibility in managing content synchronization, ensuring that content is always available at only the relevant locations, but more importantly that ZENworks does not consume all the bandwidth during this process.

User Authentication Load-Balancing

The creation of additional user source connections that can be applied to Primary Servers or Satellite devices offers additional load-balancing capabilities for the authentication process. ZENworks provides authentication load balancing at two levels:

When you make decisions on infrastructure placement to support ZENworks services, ensure that the load is spread across the ZENworks servers first and the customer's Directory servers second.