4.2 Configuring the Additional Primary Servers

To configure additional Primary Servers to your ZENworks Management Zone:

  1. Deploy ZENworks Appliance. For information, see Section 3.0, Appliance Deployment.

  2. Launch the URL on a supported web browser.

    The URL (https://<FQDN>:9443 or https://<ipaddress>:9443) is displayed on the appliance console.

  3. Log in to ZENworks Appliance with the root or zenadmin credentials that were used in Step 2, in the Section 3.2, Configuring the Appliance Settings.

    When you log in for the first time, you are prompted to configure ZENworks Appliance.

  4. Verify the prerequisites on the Configure ZENworks Management Zone page.

    Based on how you want to use ZENworks, you should be prepared with the required information to complete the configuration.

    Requirements for the server that is being added to an existing ZENworks Management Zone:

    • The DNS name or IP address of your zone's Primary Server

    • The zone administrator credentials to add a new Primary Server

    • The additional Primary Server can be added only if all the Primary Servers in the zone are upgraded to ZENworks

  5. Choose the type of Management Zone as If this server is being added to an existing ZENworks Management Zone, then click Add New Primary Server.

  6. Specify the following:

    • Server address: The first Primary Server’s IP address or FQDN.

    • Port: The Port used by the first Primary Server in the Management Zone. The default port is 443.

    • Username: The ZENworks management zone's administrator user name.

    • Password: The password for the ZENworks management zone's administrator.

  7. Click Next.

  8. In the Unknown Certificate dialog box, validate the certificate, then click Accept to communicate securely with the first Primary Server.

  9. Specify certificate details for the additional Primary Server.

    NOTE:The certificate validity should be between 1 and 10 years. If you plan to use the server as an MDM server, then to ensure communication with iOS and Mac devices, the certificate validity should not exceed 2 years.

    • If an Internal certificate is used in the first Primary Server, ZENworks detects the internal certificate and automatically issue the certificate.

    • If an External certificate is used in the first Primary Server, choose the required certificate (Server Certificate with Private Key or Server Certificate). If you have used the Generate CSR link, then upload Server Certificate. Based on the certificate specify the following details:

      • Server Certificate: Browse to the signed certificate to be used for this server.

        The certificate must be a SubCA (approved by SubCA) and CA (Approved by root CA) certificates in order:

        ====Beginning of the Certificate File====

        =[Server Certificate]=

        =[SubCA Certificate]=

        =[CA Certificate]=

        ====End of the Certificate File====

      • Private Key File: This field is enabled if you select the Server Certificate with Private Key option. Browse to the .der private key file that is associated with the signed certificate.

        To convert the PEM file to DER file, use the following command:

        openssl pkcs8 –topk8 –nocrypt –in privateKey.key –inform PEM –out key.der –outform DER

        To verify the privateKey.key file, use the following command:

        openssl rsa -in privateKey.key -check

  10. Click Finish.

    ZENworks configuration starts and it might take several minutes. The configuration process will continue in the background even if you close the browser or the browser times out.