3.2 Adding a new Primary Server to an Existing Management Zone

Installation of an additional Primary Server is less complex than installation of the first Primary Server. The procedure only requires you to provide a target location for the software files, administrator credentials, Primary Server Address, and files for the external certificate (if the zone is using an external CA)

NOTE:Ensure that you take a snapshot of the device before configuring ZENworks, as it is easy to roll back in case of any issues.

Perform the following steps to add a new Primary Server:

  1. On the server, download and mount the ZENworks ISO.

  2. Run setup.bat.

    A command prompt will be displayed. Wait for a few minutes to display the configuration information which includes URLs and credentials to log into the ZENworks configuration wizard.

  3. On the server that you want to add as Primary Server, open the URL in one of the ZENworks-supported browsers.

    This URL can be accessed on any device within the network.

  4. In the login page, specify the username and password that is displayed in the command prompt.

  5. After login, the ZENworks License Agreement page is displayed. Accept the terms of the license and click Accept.

  6. In the Configure ZENworks Primary Server screen, select the Add this server to an existing Management Zone option, and then click Next.

  7. The Installation Directory screen is displayed. In this screen, specify a valid path where ZENworks should be installed, and then click Next.

    If you are using a Linux server, then this screen will not be displayed.

  8. In the background, a system requirement check will be performed.

    If the requirements are not met, then the essential system requirements will be displayed.

    If errors are displayed, then you will not be able to proceed with the installation. Ensure that you adhere to the requirements before proceeding with the installation.

    After making the necessary changes, click re-run System Check, to perform the system requirement check.

    NOTE:If the server meets all the requirements, then the System Requirements Check screen will not be displayed.

    For more information, go through the system requirements in the ZENworks documentation site.

  9. Click Next.

  10. In the Connect to an Existing Primary Server screen, perform the following actions, and then click Next:

    1. Primary Server: Specify the IP address or FQDN of the first Primary Server.

    2. Port: Specify the port used by the first Primary Server.

    3. Administrator: Specify the ZENworks administrator username.

    4. Password: Specify the ZENworks administrator password.

    The specified credentials will be validated.

  11. If the specified credentials are valid, then you will be asked to validate the Primary Server Certificate.

    If you are using an external CA, and if the certificate is not from a well known CA, then the following screen might be displayed.

  12. Accept the certificate, and then click Confirm.

  13. In the Open Ports page, ports that are needed by ZENworks are currently blocked by the server's Firewall is displayed.

    Open the ports, and then click Next.

    The opened ports will be left open after completing the installation.

  14. If the existing ZENworks Management Zone is using an internal CA, the new Primary Server is automatically issued a server certificate during installation.

    For the server certificate validity specify a value between 1 and 10 for which the certificate should be valid.

    If you are planning to use this server to manage mobile devices, then ensure that the certificate validity duration should not exceed 2 years.

    Specify the validity of the server certificate, and then click Next.

  15. If you are using an external CA, then specify certificate details for the additional Primary Server.

    • If an External certificate is used in the first Primary Server, choose the required certificate (Server Certificate with Private Key or Server Certificate). If you have used the Generate CSR link, then upload Server Certificate. Based on the certificate specify the following details:

      • Server Certificate: Browse to the signed certificate to be used for this server.

        The certificate must be a SubCA (approved by SubCA) and CA (Approved by root CA) certificates in order:

        ====Beginning of the Certificate File====

        =[Server Certificate]=

        =[SubCA Certificate]=

        =[CA Certificate]=

        ====End of the Certificate File====

      • Private Key File: This field is enabled if you select the Server Certificate with Private Key option. Browse to the .der private key file that is associated with the signed certificate.

        To convert the PEM file to DER file, use the following command:

        openssl pkcs8 –topk8 –nocrypt –in privateKey.key –inform PEM –out key.der –outform DER

        To verify the privateKey.key file, use the following command:

        openssl rsa -in privateKey.key -check

  16. The Summary page displays all the information that was provided while configuring. If any modifications are needed, click Previous.

  17. To initiate the installation, click Install.

    ZENworks installation will be initiated, and the status of the installation will be displayed.

    After the installation is completed, you will be asked to restart the system. You can either reboot the server, or you can reboot the server later.

    It is recommended that you restart the server so that settings are applied successfully.

    After successfully adding the new Primary server, ensure that you go through Completing Post-Installation Tasks on Windows Servers.

    If the installation fails, then a link to download the log files will be displayed on the screen. click the link and download the log files to troubleshoot the issues.

    If you are facing any issues, then go through the Troubleshooting section.