2.1 Replacing the First Primary Server with the Second Primary Server

You can replace the first Primary Server in your Management Zone with an existing second Primary Server or with a new server. If you choose to replace the first Primary Server with a new server that has a different hostname and IP address, you must install ZENworks 2020 Update 2 on the new server in the same Management Zone. Consequently, the new server becomes the first Primary Server.

Ensure that the ZENworks version on the new server is the same as that of the existing Primary Server. For example: If the existing Primary Server is in the ZENworks 2020 Update 2 version, then you need to install ZENworks 2020 Update 2 on the new server.

IMPORTANT:

  • If you have two Primary Servers (PS1 and PS2) in the zone and both are configured as MDM Servers, then if PS1 is removed/deleted, then all the mobile devices enrolled to PS1 should be re-enrolled to PS2.

  • If you are replacing a Primary Server (PS1) with another Primary Server (DR1) with the same DNS name. If PS1 is configured as an MDM server, then even DR1 becomes an MDM server, as DR1 is equivalent to PS1. Hence, all mobile devices enrolled to PS1 work seamlessly with DR1.

To replace the first Primary Server with the second Primary Server:

  1. Before replacing the first Primary Server with the second Primary Server, take a reliable backup of the following on all Primary Servers in the Management Zone:

    • Content-Repo Directory: The content-repo directory is located by default in the %ZENSERVER_HOME%\work directory on Windows and in the /var/opt/microfocus/zenworks/on Linux.

      Ensure that the images directory located within the content-repo directory has been successfully backed up.

    • (Optional) If there are any TFTP customizations related to imaging, then back up the TFTP files. The tftp directory is located in the /srv/ folder on Linux and in the %ZENWORKS_HOME%\share\ folder on Windows.

    • Certificate Authority: For detailed information on how to back up the certificate authority, see Section 1.3, Backing Up the Certificate Authority.

    • Embedded Database: For detailed information on how to back up the embedded database, see ZENworks Database Management Reference.

    • ZENworks Server: For detailed information on how to back up the ZENworks Server, see Section 1.0, Backing Up and Restoring the ZENworks Server and Certificate Authority.

    NOTE:Since sandbox bundle content only syncs to the Primary Server to which the content is uploaded and is not replicated to all the Primary Servers in the zone, it is recommended that you manually sync the sandbox bundle content to other Primary Servers by using the Sync Sandbox Content to Content Servers option in ZCC. For more information, see Bundle Behavior Based on Content Pre-cach Settings.

  2. Ensure that all the contents of the content-repo directory of the first Primary Server are replicated to the second Primary Server.

    The content-repo directory is located in the %ZENSERVER_HOME%\work directory on Windows and in the /var/opt/microfocus/zenworks/ directory on Linux.

    (Optional) Also, copy the backed-up TFTP files to the second Primary Server. The tftp directory is located in the folder /srv/ on Linux and in the folder %ZENWORKS_HOME%\share\ on Windows.

  3. (Conditional) If the first Primary Server has add-on images:

    1. In ZENworks Control Center for the second Primary Server, click the Bundles tab, then click the Imaging bundle.

      The Summary tab is displayed.

    2. Click Edit next to Add-on Image File.

      The Bundle Add-on Image wizard is displayed.

    3. On the Add Image Server Address page, select the first Primary Server that is associated with the bundle, then click Remove.

    4. Click Add.

    5. Click Open Folder icon next to the Servers folder to navigate through the folders until you find the second Primary Server.

    6. Select the second Primary Server to display its name in the Selected list, then click OK.

    7. Click Finish.

      The add-on image is associated with the second Primary Server, and the add-on image content is created on the second Primary Server.

    8. In the Summary tab of the bundle, click the Increment Version underlined link for Version, then click Yes in the Confirm Version Increment dialog box.

  4. (Conditional) If ZooKeeper is enabled on the first Primary Server, take a backup of the ZooKeeper folder available at /var/opt/microfocus/zenworks/zookeeper on a Linux server and %ZENSERVER_home%\work\zookeeper on a Windows server.

    If the first Primary Server is up and running, then to replace the ZooKeeper role, see Changing the ZooKeeper role from the first Primary Server to the second Primary Server in ZENworks Vertica Guide.

  5. (Conditional) If Kafka is enabled on the first Primary Server, take a backup of the Kafka-data folder available at /var/opt/microfocus/zenworks/kafka-data on a Linux server or Appliance server.

    If the first Primary Server is up and running, then to replace the Kafka role, see Changing the Kafka role from the first Primary Server to the second Primary Server in Disaster Preparedness and Recovery.

  6. (Conditional) If the first Primary Server has a ZENworks Imaging bundle, copy the bundle to the second Primary Server:

    1. Manually copy all the files with the .zmg extension from the /content-repo/images directory of the first Primary Server to the /content-repo/images directory on the second Primary Server.

    2. In ZENworks Control Center of the second Primary Server, click the Bundles tab, then click the Imaging bundle.

    3. Click the Actions tab.

    4. Click the ZENworks Image action.

      The Edit Action dialog box is displayed.

    5. In the ZENworks Image field, click Browse icon.

      The Server and Path Information dialog box is displayed.

    6. In the Server Object, IP or DNS field, click Browse icon to browse for and select the second Primary Server.

    7. In the File Path on Server field, click Browse icon to browse for and select the image.zmg file.

  7. (Conditional) If the first Primary Server is a ZENworks Patch Management (ZPM) Server, then select another ZPM sever:

    1. In ZENworks Control Center, click the Configuration tab in the left panel.

    2. Click Patch Management.

    3. Click the Subscription Service Settings Link. The Subscription Service Settings page appears.

    4. In the Subscription Service Settings panel, click Reset Subscription Service. A dialog box appears requesting you to confirm your action. Click Yes to proceed further.

    5. In the Start the Subscription Service field, you can select another server from multiple servers in your management zone.

    6. Click Start Service.

  8. (Conditional) If the first Primary Server is a ZENworks Subscription Server, select another subscription server.

    1. In ZENworks Control Center, click the Subscribe and Share tab in the left panel.

    2. In the Subscription page, click the subscription name in the Name column.

    3. In the Summary page, navigate to the Schedules Panel, then click Browse icon in the Subscription Server field to select any other server.

  9. (Conditional) If you have installed a reporting server that points to the first Primary Server, then reconfigure it to point to the second Primary Server. For more information, see ZENworks Reporting Configuration in ZENworks Reporting Appliance Deployment and Administration Reference.

  10. If the first Primary Server is configured as the Dedicated System Update server, then select another Dedicated System Update server:

    1. In ZENworks Control Center, click Configuration tab in the left panel.

    2. Under Management Zone Settings, click Infrastructure Management > System Update Settings.

    3. In the Dedicated Server Settings panel, select the new server that is to be configured as the dedicated server.

  11. If the first Primary Server has the Certificate Authority (CA) role, then move the CA role to the second Primary Server. For more information, see Moving the CA Role in ZENworks SSL Management Reference.

  12. If ZCC Diagnostics fails to connect on the new server, ensure that you execute the following commands in the order listed below,

    1. microfocus-zenworks-configure -c MergeTruststore -Z

      • (Conditional) microfocus-zenworks-configure -c UpdateTrustStorePasswordConfigureAction: Execute this command and run the permission.sh file available at /opt/microfocus/zenworks/bin/ if microfocus-zenworks-configure -c MergeTruststore -Z is executed on an Appliance or a Linux server.

    2. (Only on Appliance) microfocus-zenworks-configure -c UnifyTrustStoreForApplianceConfigureAction

    3. microfocus-zenworks-configure -c UpdateJMXOptions

    4. microfocus-zenworks-configure -c EnableJMX

    5. microfocus-zenworks-configure -c ZenProbe

    6. microfocus-zenworks-configure -c Start: Select the restart option to restart the services.

  13. In the default closest server rule at the Management Zone level, move the first Primary Server as the last entry in the servers list.

    1. In ZENworks Control Center, click the Configuration tab.

    2. In the Management Zone Settings panel, click Infrastructure Management > Closest Server Default Rule.

    3. In the Collection Servers list, select the check box next to the first Primary Server, then click Move Down until the server is the last entry in the list.

    4. In the Content Servers list, select the check box next to the first Primary Server, then click Move Down until the server is the last entry in the list.

    5. In the Configuration Servers list, select the check box next to the first Primary Server, then click Move Down until the server is the last entry in the list.

    6. In the Authentication Servers list, select the check box next to the first Primary Server, then click Move Down until the server is the last entry in the list.

    7. Click OK.

  14. (Conditional) If you have any additional closest server rules configured, remove the first Primary Server from the rules.

    1. In ZENworks Control Center, click the Configuration tab.

    2. In the Management Zone Settings panel, click Infrastructure Management > Closest Server Rules.

    3. Select a closest server rule, then click Edit.

      The Rule Construction dialog box is displayed.

    4. In the Collection Servers list, select the check box next to the first Primary Server, then click Remove.

    5. In the Content Servers list, select the check box next to the first Primary Server, then click Remove.

    6. In the Configuration Servers list, select the check box next to the first Primary Server, then click Remove.

    7. In the Authentication Servers list, select the check box next to the first Primary Server, then click Remove.

    8. Click OK twice.

      NOTE:Remove the server entry from the Location and Network Environment server lists as well. For more information, see Adding Closest Servers to Locations.

  15. Execute the command zman location-response-recompute -f (zman lrr -f).

  16. Refresh all the devices (Primary Serves, Satellites, and managed devices) in the Management Zone so that they get the new closest server rules.

  17. (Conditional) Move the database to another device in any of the following scenarios:

    • You are using an internal ZENworks database.

    • You are using an external database installed on the device hosting the first Primary Server and you do not plan to use the device after uninstalling the Primary Server.

    To move the database to another device:

    1. (Conditional) If you are using an external database, ensure that you have a reliable backup of the database.

    2. Obtain the credentials of the database.

      To procure the credentials of the internal database, use one of the following commands:

      zman dgc -U administrator_name -P administrator_password

      or

      zman database-get-credentials -U administrator_name -P administrator_password

      To obtain the credentials of the external database, contact the database administrator.

    3. Ensure that you run the Commit command after every Update or Delete statements.

    4. If the database is installed on the same device as that of the first Primary Server, move the database.

      MS SQL: For detailed information on how to move the data to a new MS SQL database, see the MS SQL documentation. Later on, perform the steps described in Configuring the ZENworks Server to Point to the New MS SQL Database Containing Data Moved from Another MS SQL Database in the ZENworks Database Management Reference.

      Oracle: For detailed information on how to move the data from one Oracle database to another Oracle database, see the Oracle documentation. Later on, perform the steps described in Configuring the ZENworks Server to Point to the New Oracle Database Containing Data Moved from Another Oracle Database in the ZENworks Database Management Reference.

      PostgreSQL: For detailed information on how to move the data from one PostgreSQL database to another PostgreSQL database, see the Oracle documentation. Later on, perform the steps described in Moving an Embedded PostgreSQL Database from One Primary Server to another Primary Server in the ZENworks Database Management Reference.

    5. If the first Primary Server is an MDM Server, then you need to remove the MDM role from the first server and add the role to another server. All mobile devices enrolled to the first Primary Server should be re-enrolled to the new MDM Server. For more information on removing the MDM role, see Removing MDM Servers in ZENworks Mobile Management Reference. For more information on adding an MDM role to the new server, see Adding an MDM Server in ZENworks Mobile Management Reference.

  18. Update the MasterPrimary and DeviceCertAuth roles to the new Primary Server.

    MasterPrimary Role:

    • Run the following query to identify the server with MasterPrimary role:

      select * from zzenserverroles where roles = 'MasterPrimary'

      (Conditional) If the GUID that you have obtained matches with the GUID of the Primary Server which we are restoring, then run the following configure action to update the MasterPrimary role.

      microfocus-zenworks-configure -c MigrateServerRoleConfigureAction -DsourceGuid=<First PS GUID> -DdestGuid=<second PS GUID> -Drole= MasterPrimary

    DeviceCertAuth Role:

    For the DeviceCertAuth role, run the following command at the new server’s command prompt:

    microfocus-zenworks-configure -c DeviceIdentityCertConfigureAction

    NOTE:To obtain the second primary server GUID, in ZENworks Control Center navigate to Devices and select the server. The summary page displays the GUID number. Alternatively, log into the database and execute the following command: select* from zZENObject where name like '<<Primary Server Name>>'.

  19. In the new server, run the following configure action:

    microfocus-zenworks-configure -c GenerateOSPProperties

  20. To restore the ZooKeeper role in the second Primary Server, execute following steps:

    Restore the backed up ZooKeeper folder that was taken in Step 4 and Step 5 in location /var/opt/microfocus/zenworks/zookeeper on a Linux server or %ZENSERVER_HOME%\work\zookeeper %ZENSERVER_HOME%\work\common\zookeeperon Windows server and ensure that the permission of this folder is set to ZENworks in the second Primary Server.

    IMPORTANT:Perform the following steps only when the first Primary Server is not accessible or no longer available.

    Execute the command zman server-role-kafka-reconfig-broker (zman srkrcb). For example:

    zman server-role-kafka-reconfig-broker --servers=ps1.example.com,ps2.example.com
    1. If the first Primary Server is no longer available in the zone and you are unable to backup and restore the ZooKeeper data, then you can still continue with the following step, however; this will lead to data loss and you will be unable to recover the existing ZooKeeper data:

      1. Run the following Configure action:

        microfocus-zenworks-configure -c MigrateServerRoleConfigureAction -DsourceGuid=<First PS GUID> -DdestGuid=<second PS GUID> -Drole=ZooKeeper

        Example:

        microfocus-zenworks-configure -c MigrateServerRoleConfigureAction -DsourceGuid=d1632252c35422d79d715b1e24b6de03 -DdestGuid=8d1878f8062c3ab74baf713bc8b0ccd8 -Drole=ZooKeeper
      2. Run the following Configure action:

        microfocus-zenworks-configure -c AddZkNodeConfigureAction
      3. If the Primary Server is a Linux server, then execute permission.sh file, which is available at /opt/microfocus/zenworks/bin

      4. Run the following Configure action to enable the ZooKeeper service:

        microfocus-zenworks-configure -c EnableZookeeperServiceConfigureAction
      5. Execute the following steps to start the ZooKeeper service:

        On a Linux Server: Execute the command systemctl start microfocus-zenzookeeper.service

        On a Windows Server: Perform the following:

        1. Click the Start menu on the desktop.

        2. Click Settings > Control Panel

        3. Double-click Administrative Tools > Services

        4. Select Micro Focus ZENworks ZooKeeper and click Start.

      6. Navigate to the Diagnostics page in ZCC and verify whether ZooKeeper is active for the new Primary Server.

  21. (Conditional) After restoring ZooKeeper, if the Kafka cluster is enabled in your zone, then refer to the following steps to update the Kafka brokers:

    1. Delete meta.properties from the folder /var/opt/microfocus/zenworks/kafka-data on all the servers that are part of the Kafka cluster.

    2. Execute the command zman server-role-kafka-reconfig-broker (zman srkrcb). For example:

      zman server-role-kafka-reconfig-broker --servers=ps1.example.com,ps2.example.com
    3. Restore the backed up Kafka-data folder at /var/opt/microfocus/zenworks/kafka-data on a Linux server or Appliance server. Ensure that the permission of this folder is set to ZENworks in the second Primary Server.

  22. Move all Satellites from the first Primary Server to another server.

    For more information on how to remove the Satellites from the Server Hierarchy listing in ZENworks Control Center, see Moving a Satellite from One Primary Server to Another Primary Server in the ZENworks Primary Server and Satellite Reference.

  23. (Conditional) Re-configure the reporting server as mentioned in Step 9.

  24. After ensuring that all the operations in the Management Zone are working as expected, uninstall ZENworks 2020 on the first Primary Server and restart the second Primary Server.

    For detailed information on how to uninstall ZENworks 2020, see ZENworks Uninstall Guide.

    NOTE:If Multizone is configured for this server (which has got replaced with a new Primary Server) as Publisher, then all its subscribers must be updated with the new IP address and certificate of this server.

    1. Log in to ZENworks Control Center (ZCC) of subscribers.

    2. Navigate to Subscribe And Share > Subscriptions > <subscription_name> > Remote Server > Base URL > Edit.

    3. Update the IP address with the new IP address of the Primary Server (Publisher).

    To update the new certificate:

    1. Navigate to Subscribe And Share > Subscriptions > <subscription_name> > Remote Server > Update Certificate.

    2. Update the certificate.