Update for ZENworks 11 SP2 - System Requirements

October 2013

The following sections provide the hardware and software requirements for the Update for ZENworks 11 SP2. New requirements are indicated by New in (version) text:

1.0 Primary Server Requirements

The server where you install the Primary Server software must meet the following requirements:

Table 1 Primary Server Requirements

Item

Requirements

Additional Details

Server Usage

Your server might be capable of handling tasks in addition to the tasks a Primary Server performs for ZENworks 11 SP2. However, we recommend that any server where you install the Primary Server software be used only for ZENworks 11 SP2 purposes.

For example, you might not want the server to do the following:

  • Host Novell eDirectory

  • Host Novell Client32

  • Host Active Directory

  • Be a terminal server

Operating System

Windows:

  • Windows Server 2003 R2 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2003 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 SP1 / SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 SP1 x86_64 (Enterprise and Standard editions)

Linux:

  • SUSE Linux Enterprise Server 10 (SLES 10) SP3/SP4 x86, x86_64 (Intel and AMD Opteron processors)

  • Open Enterprise Server 2 (OES 2) SP2 / SP3 x86, x86_64

  • SLES 11 SP1 x86, x86_64 (Intel and AMD Opteron processors)

  • Red Hat Enterprise Linux 5.5 / 5.6 / 5.7 x86, x86_64

  • Red Hat Enterprise Linux 6.0 x86, x86_64

  • Red Hat Enterprise Linux 6.1 x86, x86_64

  • Open Enterprise Server 11 (OES 11) x86_64

  • New in 11.2.1: SLES 11 SP2 x86, x86_64 (Intel and AMD Opteron processors)

  • New in 11.2.2: Open Enterprise Server 11 SP1 (OES 11 SP1) x86_64

All the Core and Data Center Editions of Windows Server 2003 and Windows Server 2008 are not supported as Primary Server platforms. Windows Server 2008 Core is not supported because it does not support the .NET Framework.

ZENworks 11 SP2 Configuration Management is supported on Windows Server 2003 and Windows Server 2008 editions with or without Hyper-V.

Before you install a ZENworks Server on a SLES 11 x86_64 device, you must ensure that pam-32 bit libraries are installed on the device because the CASA rpms are dependent on these libraries.

To install pam-32 bit libraries:

  1. Log in to the Linux device as the root user.

  2. Insert the Linux installation media.

  3. Run Yast to open the YaST Control Center.

  4. Click Software > Software Management.

  5. In the Search option, specify CASA and click OK to list all the CASA packages.

  6. Select the pam-32 package and click Install > Apply.

NOTE:Installation on a server in a clustered environment is not supported.

IMPORTANT:Open Enterprise Server and all x86 (32-bit) operating systems will not be supported ZENworks Primary Server platforms in ZENworks 11 SP3.

 

  • New in 11.2.2: Red Hat Enterprise Linux 5.8 / 6.2 x86, x86_64

  • New in 11.2.3: Red Hat Enterprise Linux 5.9 / 6.3 x86, x86_64

  • New in 11.2.4: Red Hat Enterprise Linux 6.4 x86, x86_64

  • New in 11.2.4: SLES 11 SP3 and SLED11 SP3 x86, x86_64

 

Processor

Minimum: Server-class CPU such as AMD Opteron or Intel Xeon processor.

If the Primary Server is running on a Virtual Machine, it is recommended to use a dual-core processor.

If the Primary Server is running Patch Management, we recommend a fast processor, such as the Intel Core Duo processor.

RAM

2 GB minimum; 4 GB recommended

 

Disk Space

9 GB if installing without ZENworks Reporting Server. 14 GB if installing with ZENworks Reporting Server. 7 GB is recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

500 MB is recommended for the tmp directory. This disk space is required for rebuilding and editing the packages.

Patch Management file storage (downloaded patch content) requires at least 25 GB of additional free disk space. All content replication servers also require this same amount of additional free disk space if Patch Management is enabled. If you use Patch Management in additional languages, each server also requires this additional amount of free space for each language used.

Because the ZENworks database file and ZENworks content repository can each become very large, you might want a separate partition or hard drive available.

For information on changing the default content repository location on a Windows server, see Content Repository in the ZENworks 11 Primary Server and Satellite Reference.

For Linux servers, you might want the /var/opt directory to be located on a large partition. This is where the database (if embedded) and content repository are stored.

/etc directory requires less space.

Display resolution

1024 × 768 with 256 colors minimum

 

File System

If you have installed embedded Sybase on your device, ensure that the file system of the drive where you have installed ZENworks Configuration Management supports files with size higher than 4 GB.

 

DNS Resolution

The servers and workstations in the Management Zone must use properly configured DNS to resolve device hostnames, otherwise some features in ZENworks will not work properly. If the DNS is not properly configured, the servers cannot communicate with each other, and the workstations cannot communicate with the servers.

Server names must support DNS requirements, such as not having underscores in their names, or ZENworks login fails. Acceptable characters are the letters a-z (uppercase and lowercase), numbers, and the hyphen (-).

 

IP Address

  • The server must have a static IP address or a permanently leased DHCP address.

  • An IP address must be bound to all NICs on your target server.

Installation hangs if it is trying to use a NIC that does not have an IP address bound to it.

Microsoft .NET (Only for Windows)

The Microsoft .NET 3.5 SP1 framework and its latest updates must be installed and running on the Windows Primary Server in order to install ZENworks 11 SP2.

On Windows Server 2003/2008, you are given the option to launch the .NET installation during the installation of ZENworks. If you select the option, .NET is automatically installed.

On Windows Server 2008 R2, .NET 3.5 SP1 is available by default. However, you need to enable it. You are given the option to enable .NET during the installation of ZENworks. If you select the option, .NET is automatically enabled.

For more information on how to enable the .NET framework, see Enabling the .NET Framework in the ZENworks 11 Discovery, Deployment, and Retirement Reference.

Firewall Settings: TCP Ports

80 and 443

Inbound Port:

Port 80 is for Tomcat non-secure port and Port 443 is for Tomcat secure port.

Port 443 is also used for CASA authentication. Opening this port allows ZENworks to manage devices outside of the firewall. It is a good practice to make sure that the network is configured to always allow communication on this port between the ZENworks Server and ZENworks Agents on managed devices.

If other services are running on ports 80 and 443, such as Apache, or are used by OES2, the installation program asks you for new ports to use.

If you plan to use AdminStudio ZENworks Edition, it requires that the Primary Server is using ports 80 and 443.

Outbound Port:

Primary Server downloads patch license related information and checksum data over HTTPS (port 443), and the actual patch content files over HTTP (port 80). ZENworks Patch Management license information is obtained from the Lumension licensing server, the patch content and checksum data is retrieved from an AKAMAI hosted content distribution network (novell.cdn.lumension.com). You must make sure that the firewall rules allow outbound connections to these addresses because the patch content distribution network is a large fault tolerant network of cache servers.

Primary Server performs the ZENworks System Update Entitlement activation over HTTP (port 443) using the secure-www.novell.com website. This rule can be turned off after successfully completing the entitlement activation.

For more information, see System Update Entitlement in the ZENworks 11 System Updates Reference.

Primary Server downloads system update related information and content over HTTP (port 443) using the you.novell.com website.

 

 

For more information see Managing Update Downloads in the ZENworks 11 System Updates Reference.

NOTE:You must assign the Network Interface to the firewall zone. Firewall rules are applied to this zone for managing the ports used by ZENworks 11 SP2.

 

2645

Used for CASA authentication. Opening this port allows ZENworks to manage devices outside of the firewall. It is a good practice to make sure that the network is configured to always allow communication on this port between the ZENworks Server and ZENworks Agents on managed devices.

 

5550

Used by Remote Management Listener by default.You can change this port in the Remote Management Listener dialog box in ZENworks Control Center.

Remote Management is used only with ZENworks Configuration Management.

 

5750

Used by Remote Management proxy.

Remote Management is used only with ZENworks Configuration Management.

 

5950

Used by Remote Management service by default. You can change this port in the Remote Management Settings panel of the Remote Management Configuration page in ZENworks Control Center.

Remote Management is used only with ZENworks Configuration Management.

 

7628

Used by the Adaptive Agent for Quick Tasks.

 

8005

Used by Tomcat to listen to shutdown requests. This is a local port, and cannot be accessed remotely.

 

8009

Used by Tomcat AJP connector.

 

9971

Used by AMT Hello Listener to discover the Intel AMT devices.

Firewall Settings: UDP Ports

67

Used by proxy DHCP when it is not running on the same device as the DHCP server.

 

69

Used by the Imaging TFTP, but will not work across firewall because it opens random UDP port for each PXE device.

The Imaging TFTP is used only with ZENworks Configuration Management.

 

997

Used by the Imaging Server for multicasting.

The Imaging Server is used only with ZENworks Configuration Management.

 

998

Used by the Preboot Server (novell-pbserv).

The Preboot Server (novell-pbserv) is used only with ZENworks Configuration Management.

 

1761

Port 1761 on the router is used to forward subnet-oriented broadcast magic packets for Wake-On-LAN.

 

4011

Used for proxy DHCP when it is running on the same device as the DHCP server. Make sure that the firewall is configured to allow the broadcast traffic to the proxy DHCP service.

 

13331

Used by the zmgpreboot policy, but will not work across firewall because it opens random UDP port for each PXE device.

The zmgpreboot policy is used only with ZENworks Configuration Management.

Supported Hypervisors

ZENworks server software can be installed in the following virtual machine environments:

  • VMware Workstation 6.5

  • XEN (Novell SLES 10, SLES 11 and Citrix XenServer 5.x, 6.0)

  • VMware ESX (4.1 update1, 4.1 update 2 and 5)

  • Microsoft Hyper-V Server Windows 2008 R2

  • New in 11.2.2: Citrix XenServer 6.1

  • Only released versions of guest operating systems (VMs) are supported. Experimental guest operating systems are not supported.

  • The guest operating system must match the operating system specified when creating the VM. For example, if during creation of the VM, the guest operating system is specified as Windows Server 2003, the actual guest operating system must be Windows Server 2003.

NOTE:If a Primary Server is behind a NAT firewall, the devices on the Internet or public network cannot communicate with it. To resolve the issue, you must configure additional IP addresses or DNS names for the Primary Server through ZENworks Control Center. For more information on how to configure additional access to a Primary Server, see Configuring Additional Access to a ZENworks Server in the ZENworks 11 Primary Server and Satellite Reference.

2.0 Managed Device Requirements

The ZENworks Adaptive Agent is the management software that is installed on all managed devices, including Primary Servers.

Managed devices can be used as Satellites. If you want to use a managed device as a satellite, then in addition to the requirements listed in this section, make sure that the device is capable of performing the satellite functions and meets the requirements listed in Satellite Requirements section.

IMPORTANT:If you plan to use ZENworks Full Disk Encryption on a managed device, the device must meet the requirements listed in Section 2.1, Windows Managed Device Requirements and the additional requirements listed in Managed Device Requirements in the ZENworks 11 SP2 Full Disk Encryption Agent Reference.

2.1 Windows Managed Device Requirements

ZENworks 11 SP2 can manage any Windows workstation and server that meets the following requirements:

Table 2 Windows Managed Device Requirements

Item

Requirements

Additional Details

Operating System: Windows Servers

  • Windows Server 2003 R2 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2003 SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 SP1 / SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 SP1 (Enterprise and Standard editions)

  • New in 11.2.3: Windows Server 2012 x86_64 (Standard edition)

All the Core Editions of Windows Server 2003 and Windows Server 2008 are not supported as a managed device platform because they do not support the .NET Framework.

ZENworks 11 SP2 Configuration Management is supported on Windows Server 2003 and Windows Server 2008 editions with or without Hyper-V.

Operating System: Windows Workstations

  • Embedded XP SP2 / SP3 x86

  • Windows Vista SP2 x86, x86_64 (Business, Ultimate, and Enterprise versions only; Home versions are not supported)

  • Embedded Vista SP1 / SP2

  • Windows XP Professional SP2 / SP3 x86

  • Windows XP Tablet PC Edition SP3 x86

  • Windows 7 x86, x86_64 (Professional, Ultimate, and Enterprise editions)

  • Windows 7 SP1 x86, x86-64 (Professional, Ultimate, and Enterprise editions)

  • New in 11.2.3: Windows 8 x86, x86_64 (Enterprise and Professional editions)

A managed device name must not exceed 32 characters. If a device name exceeds 32 characters, that device is not inventoried. In addition, make sure that the device name is unique so that the device is recognized appropriately in the inventory reports.

Operating System: Thin Client sessions

  • Windows Server 2003 SP2

  • Windows Server 2008 SP2

  • Windows Server 2008 R2

  • Windows Server 2008 R2 SP1 (Enterprise and Standard editions)

  • Citrix XenApp 5.0

  • Citrix XenApp 6.0

  • Citrix Receiver Enterprise (for Admin Use Only) 3.0 and 3.1

  • Citrix Online plugin (for Web Access) 12.1.44 and 12.0.x

  • Citrix Online plugin (for Admin Use Only) 12.1.44 and 12.0.x

  • New in 11.2.2: Citrix XenApp 6.5

Windows Server 2008 Core is not supported as a managed device platform because the .NET Framework is not supported on Windows Server 2008 Core.

Hardware

The following are minimum hardware requirements. Use these requirements or the hardware requirements provided with your operating system, whichever is greater.

  • Processor: Pentium III 700 MHz, or equivalent AMD or Intel

  • RAM: 256 MB minimum; 1 GB recommended

  • Disk Space: 230 MB minimum for installing; 4GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

    NOTE:In the case of an agent that is promoted to a content or imaging satellite role, it is recommended to have higher disk space accordingly.

  • Display resolution: 1024 × 768 with 256 colors

 

Automatic ZENworks Adaptive Agent Deployment

In order to automatically deploy the Adaptive Agent to your managed devices, the following are required:

  • Your firewall must allow file and print sharing

  • On Windows XP devices, Simple File Sharing must be turned off

  • Administrator credentials must be known for the devices in order to install to them

  • The date and time on the managed devices and ZENworks Server must be synchronized

  • The File and Printer Sharing for Microsoft Networks option must be enabled

  • ZENworks 11.2.2 and earlier versions of agents support only MBR partition scheme on the hard disk

    NOTE:GPT (GUID Partition Table) is supported for agents only from ZENworks version 11.2.3

For detailed information about the prerequisites, see Prerequisites for Deploying to Windows Devices in the ZENworks 11 Discovery, Deployment, and Retirement Reference.

Microsoft .NET

The Microsoft .NET 3.5 SP1 framework and its latest updates must be installed and running on the Windows managed device in order to install ZENworks 11 SP2.

On Windows Server 2003, Windows XP, and Windows Vista, .NET is automatically installed if you choose to deploy the PreAgentPkg_AgentCompleteDotNet.exe standalone package. If you choose to deploy the PreAgentPkg_Agent.exe network package or the PreAgentPkg_AgentComplete.exe standalone (.NET required) package, you must manually install .NET 3.5 SP1 before you begin to install the agent.

On Windows 7 and Windows Server 2008 R2, .NET is available by default. However, you must enable the .NET framework before deploying the agent on these devices. For more information on how to enable the .NET framework, see Enabling the .NET Framework in the ZENworks 11 Discovery, Deployment, and Retirement Reference.

Microsoft Windows Installer

The Microsoft Windows Installer 3.1 or later must be installed and running on the Windows managed device in order to install ZENworks 11 SP2.

If you choose to deploy the PreAgentPkg_AgentCompleteDotNet.exe standalone package, Windows Installer 3.1 is automatically installed. If you choose to deploy the PreAgentPkg_Agent.exe network package or the PreAgentPkg_AgentComplete.exe standalone (.NET required) package, you must manually install Windows Installer 3.1 or later before you begin to install the agent.

TCP Ports

7628

In order to view the status in ZENworks Control Center of the ZENworks Adaptive Agent for a managed device, ZENworks automatically opens port 7628 on the device if you are using the Windows firewall. However, if you are using a different firewall, you must open this port manually.

Port 7628 must also be opened on the device if you want to send a Quick Task to the from ZENworks Control Center.

 

5950

For Remote Management where the ZENworks Adaptive Agent is running, the device listens on port 5950.

You can change the port in ZENworks Control Center (Configuration tab >Management Zone Settings > Device Management > Remote Management).

Remote Management is used only with ZENworks Configuration Management.

Supported Hypervisors

ZENworks managed device software can be installed in the following hypervisors:

  • VMware Workstation 6.5

  • XEN (Novell SLES 10, SLES 11 and Citrix XenServer 5.x, 6.0)

  • VMware ESX(4.1 update1, 4.1 update 2 and 5)

  • Microsoft Hyper-V Server Windows 2008 R2

  • New in 11.2.2: Citrix XenServer 6.1

  • Only released versions of guest operating systems (VMs) are supported. Experimental guest operating systems are not supported.

  • The guest operating system must match the operating system specified when creating the VM. For example, if the guest operating system is specified as Windows Vista during creation of the VM, the actual guest operating system must be Windows Vista.

Supported Virtual Desktop Interface

ZENworks managed device software can be installed in the following VDI environments

  • Citrix XenDesktop 5.0

  • New in 11.2.2: Citrix XenDesktop 5.6 Feature Pack 1

  • VMware VDI 4.6

  • New in 11.2.3: VMware VDI 5.1 with VDI Client 5.2

 

NOTE:If you choose to use Novell Client on the managed device, the following versions of the Novell Client are supported with ZENworks:

  • Novell Client 4.91 SP5 IR1 (On Windows XP)

  • Novell Client 2 SP1 IR5 (On Windows Vista or Windows 7)

  • Novell Client 2 SP3 IR2 (On Windows 7 and Windows 8)

2.2 Linux Managed Device Requirements

ZENworks 11 SP2 can manage any Linux workstation and server that meets the following requirements:

Table 3 Linux Managed Device Requirements

 

 

Operating System: Servers

  • SLES 10 SP2 / SP3/ SP4 x86, x86_64 (Intel and AMD Opteron processors)

  • Open Enterprise Server 2 SP2 / SP3 x86, x86_64

  • Open Enterprise Server 11 (OES 11) x86_64

  • SLES 11 x86, x86_64 (Intel and AMD Opteron processors)

  • SLES 11 SP1 x86, x86_64 (Intel and AMD Opteron processors)

  • Red Hat Enterprise Linux 5.5 /5.6 / 5.7/6.0 x86, x86_64/ 6.1 x86, x86_64

  • New in 11.2.1: SLES 11 SP2 x86, x86_64 (Intel and AMD Opteron processors)

  • New in 11.2.2: Open Enterprise Server 11 SP1 (OES 11 SP1) x86_64

  • New in 11.2.3: Red Hat Enterprise Linux 5.9 / 6.3 x86, x86_64

  • New in 11.2.4: Red Hat Enterprise Linux 6.4 x86, x86_64

  • New in 11.2.4: SLES11 SP3 x86, x86_64

Operating System: Workstations

  • Red Hat Enterprise Linux 5.5 / 5.6 / 5.7/6.0 x86, x86_64

  • SUSE Linux Enterprise Desktop 10 (SLED 10) SP3 / SP4 x86, x86_64

  • SLED 11 SP1 x86, x86_64

  • SLED 11 SP2 x86, x86_64

  • New in 11.2.2: Red Hat Enterprise Linux 5.8, 6.2, 6.3 x86, x86_64

  • New in 11.2.3: Red Hat Enterprise Linux 5.9 x86, x86_64

  • New in 11.2.4: SLED11 SP3 x86, x86_64

Hardware

  • Processor: Minimum - Pentium IV 2.8 GHz 32-bit (x86) and 64-bit (x86_64), or equivalent AMD or Intel processor

  • RAM: 512 MB minimum; 2 GB recommended

  • Disk Space: 230 MB minimum for installing; 4 GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

  • Display Resolution: 1024 × 768 with 256 colors minimum

Hostname Resolution

  • The server must resolve device hostnames by using a method such as DNS (recommended).

  • Server names must support DNS requirements, such as not having underscores in their names, or ZENworks login fails. Acceptable characters are the letters a-z (uppercase and lowercase), numbers, and the hyphen (-).

    If you use DNS, it must be properly set up, or some features in ZENworks might not work.

IP Address

  • The server must have a static IP address or a permanently leased DHCP address.

  • If you have multiple NIC's it is recommended to bind the IP addresses on all the NIC's. However, ZENworks works even if one IP address is configured.

TCP Ports: 7628

You must assign the Network Interface to the firewall zone. Firewall rules are applied to this zone for managing the ports used by ZENworks 11 SP2.

Supported Hypervisors

ZENworks server software can be installed in the following hypervisors:

  • VMware Workstation 6.5

  • XEN (Novell SLES 10, SLES 11 and Citrix XenServer 5.x, 6.0)

  • VMware ESX (4.1 update1, 4.1 update 2 and 5)

  • Microsoft Hyper-V Server Windows 2008 R2

  • New in 11.2.2: Citrix XenServer 6.1

In addition, the following requirements apply:

  • Only released versions of guest operating systems (VMs) are supported. Experimental guest operating systems are not supported.

  • The guest operating system must match the operating system specified when creating the VM. For example, if the guest operating system is specified as SLES 10 during creation of the VM, the actual guest operating system must be SLES 10.

2.3 Macintosh Managed Device Requirements

ZENworks 11 SP2 can manage any Macintosh workstation that meets the following requirements:

Table 4 Macintosh Managed Device Requirements

Operating System

Macintosh 10.5 (Leopard)

Macintosh 10.6 (Snow Leopard)

Macintosh 10.7 (Lion)

(New in 11.2.2) Macintosh 10.8 (Mountain Lion)

Additional Details

Supported Architecture

64 bit (Power PC is not supported)

32 bit and 64 bit

64 bit

Hardware

  • Processor: Intel

  • RAM:512 MB minimum; 2 GB recommended

  • Disk space: 230 MB minimum for installing; 2 GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

  • Display resolution:1024 × 768 with 256 colors minimum

  • Processor: Intel

  • RAM:1 GB minimum; 2 GB recommended

  • Disk space: 230 MB minimum for installing; 2 GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

  • Display resolution:1024 × 768 with 256 colors minimum

  • Processor: Intel Core 2 Duo,Core i3, Core i5, Core i7, Xeon processor

  • RAM:2 GB Minimum

  • Disk space: 230 MB minimum for installing; 2 GB recommended for running. Depending on the amount of content you need to distribute, this number can vary greatly.

  • Display resolution:1024 × 768 with 256 colors minimum

 

Java

Java 1.6 should be installed on the device through Software Update, if pre-installed Java version is 1.5.

Java 1.6

Java 1.6 should be installed on the device through Software Update.

 

TCP ports

7628

7628

7628

Used by the Adaptive Agent.

NOTE:ZENworks 11.2.4 release supports:

  • Mac OS X 10.5.x to 10.8.4

  • Mac OS X 10.8.5 (not extensively tested)

NOTE:

  • ZENworks 11 SP2 does not support Mac OS-X server as a managed device

  • ZENworks 11 SP2 does not support 32-bit Macintosh 10.5 devices, because Java 1.6 is not supported on them.

3.0 Satellite Requirements

A Satellite is a managed device that can perform some of the roles that a ZENworks Primary Server normally performs, including authentication, information collection, content distribution, and imaging. A Satellite can be any managed Windows, Macintosh or Linux device (server or workstation), but not a Primary Server.

NOTE:It is recommended to upgrade all Imaging Satellites along with Primary Servers. Or Exclude older version Imaging Satellite Servers from the tftp replication.

The following sections contain more information:

3.1 Windows Device Performing Satellite Roles

In addition to their usual functions, Windows devices can be used as satellites. Make sure that when you use these managed devices for satellites, they are capable of performing the satellite functions.

A Windows device performing satellite roles must meet the minimum requirements of a Windows managed device listed in Windows Managed Device Requirements section with the following exceptions:

  • Windows Embedded XP is not a supported workstation operating system for Satellite devices.

  • Satellite devices require additional TCP and UDP ports to be open.

The following table lists the additional TCP and UDP ports that must be open on a Satellite device:

Table 5 Additional Ports Required for a Managed Device Performing Satellite Roles

Item

Requirements

Additional Details

Firewall Settings: TCP Ports

80

If you plan to use AdminStudio ZENworks Edition, it requires that the Primary Server is using port 80.

 

443

Port 443 is used for CASA authentication. Opening this port allows ZENworks 11 SP2 to manage devices outside of the firewall. It is a good practice to make sure that the network is configured to always allow communication on this port between the ZENworks Server and ZENworks Agents on managed devices.

998

Used by Preboot Server (novell-pbserv).

The Preboot Server (novell-pbserv) is used only with ZENworks Configuration Management.

Firewall Settings: UDP Ports

67

Used by proxy DHCP when it is not running on the same device as the DHCP server.

 

69

Used by the Imaging TFTP, but will not work across firewall because it opens random UDP port for each PXE device.

The Imaging TFTP is used only with ZENworks Configuration Management.

 

997

Used by the Imaging Server for multicasting.

The Imaging Server is used only with ZENworks Configuration Management.

 

4011

Used for proxy DHCP when it is running on the same device as the DHCP server. Make sure that the firewall is configured to allow the broadcast traffic to the proxy DHCP service.

 

13331

Used by the zmgpreboot policy, but will not work across firewall because it opens random UDP port for each PXE device.

The zmgpreboot policy is used only with ZENworks Configuration Management.

3.2 Linux Device Performing Satellite Roles

A Linux device performing satellite roles must meet the minimum requirements of a Linux managed device listed in Linux Managed Device Requirement section.

The following table lists the additional TCP and UDP ports that must be open on a Satellite device:

Table 6 Linux Device Performing Satellite Roles Requirements

Item

Requirements

Additional Details

TCP Ports

80

80 is for Tomcat non-secure port.

If the server is running other services on ports 80 and 443, such as Apache, or are used by OES2, the installation program asks you for new ports to use.

 

998

Used by Preboot Server (novell-pbserv).

The Preboot Server (novell-pbserv) is used only with ZENworks Configuration Management.

 

7628

Used by the Adaptive Agent.

 

8005

Used by Tomcat to listen to shutdown requests. This is a local port, and cannot be accessed remotely.

 

8009

Used by Tomcat AJP connector.

UDP Ports

67

Used by proxy DHCP when it is not running on the same device as the DHCP server.

 

69

Used by the Imaging TFTP, but will not work across firewall because it opens random UDP port for each PXE device.

The Imaging TFTP is used only with ZENworks Configuration Management.

 

997

Used by the Imaging Server for multicasting.

The Imaging Server is used only with ZENworks Configuration Management.

 

4011

Used for proxy DHCP when it is running on the same device as the DHCP server. Make sure that the firewall is configured to allow the broadcast traffic to the proxy DHCP service.

 

13331

Used by the zmgpreboot policy, but will not work across firewall because it opens random UDP port for each PXE device.

The zmgpreboot policy is used only with ZENworks Configuration Management.

3.3 Macintosh Device Performing Satellite Roles

A Macintosh device performing satellite roles must meet the minimum requirements of a Macintosh managed device listed Macintosh Managed Device Requirements.

The following table lists the additional TCP ports that must be open on a Satellite device:

Table 7 Macintosh Device Performing Satellite Roles Requirements

Item

Requirements

Additional Details

TCP Ports

80

80 is for HTTP non-secure port.

 

7628

Used by the Adaptive Agent.

Using a Satellite for Imaging

When a Satellite is used for Imaging, you can use the img command at the imaging maintenance mode prompt or use the Novell ZENworks Imaging Engine menu to do some imaging operations. Use the -session (Multicast Image Set) mode command to take an image of one device and restore it to multiple other devices simultaneously over the network in a single operation. For more information on the requirements for using the Imaging Engine commands, see ZENworks Imaging Engine Commands in ZENworks 11 Preboot Services and Imaging Reference.

4.0 Database Requirements

If you choose to use a database for the ZENworks database other than the embedded Sybase SQL Anywhere database that is available as the default for ZENworks 11 SP2, the other database must meet the following requirements:

Table 8 Database Requirements

Item

Requirement

Database Version

Microsoft SQL Server 2008 (not extensively tested)

Microsoft SQL Server 2008 R2 SP1

Oracle 11g R1 (not extensively tested)

Oracle 11g R2

NOTE:If you are planning to use Oracle Real Application Clusters (Oracle RAC) with ZENworks, see:

Sybase SQL Anywhere 12

New in 11.2.3: Microsoft SQL Server 2008 R2 SP2 and Microsoft SQL Server 2008 SP2 (not extensively tested)

Database Hostname

The database hostname should be resolvable by the Domain Name Server Service

TCP ports

The server must allow Primary Server communication on the database port. For MS SQL, make sure to configure static ports for the database server.

The default ports are:

  • 1433 for MS SQL

  • 2638 for Sybase SQL

  • 1521 for Oracle

IMPORTANT:You can change the default port number if you have a conflict. However, you must make sure that the port is opened for the Primary Server to talk to the database.

UDP Ports

1434 for MS SQL (If ZENworks uses named instance of the database)

WAN consideration

Primary Servers and the ZENworks database must reside on the same network segment. Primary Servers cannot write across a WAN to the ZENworks database.

Default Character Set

For Sybase, the UTF-8 character set is required.

For MS SQL, ZENworks Configuration Management does not require any specific character set. ZENworks Configuration Management supports all character sets supported by MS SQL.

For Oracle, the NLS_CHARACTERSET parameter must be set to AL32UTF8 and the NLS_NCHAR_CHARACTERSET parameter must be set to AL16UTF16.

Collation

ZENworks 11 SP2 Configuration Management is not supported with a case-sensitive instance of the MS SQL database. Hence, you must make sure that the database is case insensitive before setting it up.

Database User

Make sure that there is no restriction for the ZENworks database user to connect to a remote database.

For example, if the ZENworks database user is an Active Directory user, make sure that the Active Directory policies allow the user to connect to a remote database.

Database Settings

For MS SQL, set the READ_COMMITTED_SNAPSHOT setting to ON so that it allows read access to information in the database while data is being written or modified.

To set the READ_COMMITTED_SNAPSHOT setting to ON, execute the following command at the database server prompt:

ALTER DATABASE database_name SET READ_COMMITTED_SNAPSHOT ON;

NOTE:You must adhere to the following guidelines to configure the database settings:

  • Before configuring the database settings, stop all the ZENworks Services on all the ZENworks Servers.

  • After configuring the settings, start all the ZENworks Services on all the ZENworks Servers.

For detailed information on how to stop and start the ZENworks Services, see ZENworks Server in the ZENworks 11 Primary Server and Satellite Reference.

5.0 LDAP Directory Requirements

ZENworks 11 SP2 can reference existing user sources (directories) for user-related tasks such as assigning content to users, creating ZENworks administrator accounts, and associating users with devices creating ZENworks administrator accounts and associating users with devices. LDAP (Lightweight Directory Access Protocol) is the protocol used by ZENworks with respect to interacting with users.

Table 9 LDAP Directory Requirements

Item

Requirements

LDAP version

LDAP v3

OPENLDAP is not supported. However, if you have eDirectory installed on a SUSE Linux server, you can use that as a user source. LDAP v3 can be used to access eDirectory on the Linux server using the alternate ports that you specified for eDirectory when installing it (because OPENLDAP might have been using the default ports).

Authoritative user source

  • Novell eDirectory 8.7.3 or 8.8 (on all supported platforms)

    If you use eDirectory as the user source, make sure that no two eDirectory users have the same username and password. Even if the usernames are same, make sure that the passwords are different.

  • Microsoft Active Directory (as shipped with Windows 2000 SP4 or later)

  • Domain Services for Windows (DSfW)

LDAP user access

ZENworks requires only read access to the LDAP directory. For more information, see Connecting to User Sources in the ZENworks 11 SP2 Administration Quick Start.

LDAP Authentication

Simple bind

Simple bind is in which an application provides a Distinguished Name (DN) and the clear text password for that DN. To use a simple bind, the client must supply the DN of an existing LDAP entry and a password which matches the userPassword attribute for that entry. The Administrator can also enter the DN and the clear text password by using the Configuration page in the ZENworks Control Center.

6.0 Inventoried-Only Device Requirements

You can use ZENworks 11 SP2 to inventory workstations and servers by deploying the Inventory-Only module on these devices.

IMPORTANT:If there are ZENworks product issues that are caused by an issue with the platform, the following support standards apply:

  • Platforms that are generally supported by platform vendors are supported by Novell.

  • If the platform vendor provides support to your installations through a special agreement (such as extended support), Novell expects you to extend this support infrastructure to us to resolve the issue.

  • If the platform vendor does not support the platform at all, Novell offers no additional support.

The inventoried-only devices must meet the following requirements:

Table 10 Inventoried-Only Device Requirements

Item

Requirements

Operating System: Servers

  • AIX 5.1-6.1 IBM pSeries (RS6000) x86, x86_64

  • HP-UX 10.20-11.23 HP PA-RISC (HP9000)

  • NetWare 5.1, 6, 6.5

  • OES 2 SP1 / SP2 / SP3 x86, x86_64

  • Open Enterprise Server 11 (OES11) x86_64

  • Red Hat Enterprise Linux 4.8-6.0 x86, x86_64

  • Solaris 2.6–10 Sun SPARC x86_64

  • SLES 8.0-11 (all editions)

  • Windows 2000 Server SP4 x86

  • Windows Server 2003 SP1 / SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 SP1 / SP2 x86, x86_64 (Enterprise and Standard editions)

  • Windows Server 2008 R2 SP1 (Enterprise and Standard editions)

  • New in 11.2.2: Open Enterprise Server 11 SP1 (OES 11 SP1) x86_64

  • New in 11.2.3: Red Hat Enterprise Linux 5.9 / 6.3 x86, x86_64

  • New in 11.2.4: Red Hat Enterprise Linux 6.4 x86, x86_64

  • New in 11.2.4: SLES11 SP3 x86, x86_64

Operating System: Workstations

  • Mac OS X 10.5.x to 10.6.6

    For Mac OS X 10.7, you need to install the full adaptive agent, as Inventory-only agent is not supported.

  • Red Hat Enterprise Linux 4.8-6.0

  • SLED 8.0-11 (all editions)

  • Windows 2000 Professional SP4 x86

  • Embedded XP SP2 / SP3

  • Windows SP2 x86, x86_64 (Business, Ultimate, and Enterprise versions only; Home versions are not supported)

  • Embedded Vista SP1 / SP2

  • Windows XP Professional SP2 / SP3 x86, x86_64

  • Windows XP Tablet PC Edition SP3 x86

  • Windows 7 SP1 x86, x86_64 (Professional, Ultimate, and Enterprise editions)

  • New in 11.2.2: Red Hat Enterprise Linux 5.8, 6.2, 6.3, 6.4 x86, x86_64

  • New in 11.2.3: Windows 8 x86, x86_64 (Enterprise and Professional editions)

  • New in 11.2.4: SLED11 SP3 x86, x86_64

  • New in 11.2.4: Mac OS X 10.8.3 and 10.8.4

  • New in 11.2.4: Mac OS X 10.8.5 (not extensively tested)

Operating System: Sessions

Thin Client sessions:

  • Windows 2000 Server SP4 x86

  • Windows Server 2003 SP2 x86, x86_64

  • Citrix XenApp 4.5

  • Citrix XenApp 5.0

  • New in 11.2.2: Citrix XenApp 6.5

Inventory Only Module

After installing ZENworks 11 SP2 to your network, you must install this module on the above-listed devices to inventory them. For more information, see Deploying the Inventory-Only Module in the ZENworks 11 Discovery, Deployment, and Retirement Reference.

Hardware: Disk Space

The Inventory-Only module requires the following minimum disk space:

  • AIX: 4 MB

  • Solaris: 4 MB

  • Linux: 900 KB

  • HP-UX: 900 KB

  • Windows: 15 MB

  • Mac OS: 8 MB

  • NetWare: 30 MB

System Libraries: AIX

The following system libraries are required on AIX devices:

  • /unix

  • /usr/lib/libc.a (shr.o)

  • /usr/lib/libc.a (pse.o)

  • /usr/lib/libpthread.a (shr_xpg5.o)

  • /usr/lib/libpthread.a (shr_comm.o)

  • /usr/lib/libpthreads.a (shr_comm.o)

  • /usr/lib/libstdc++.a (libstdc++.so.6)

  • /usr/lib/libgcc_s.a (shr.o)

  • /usr/lib/libcurl.a (libcurl.so.3)

  • /usr/lib/libcrypt.a (shr.o)

System Libraries: HP-UX

The following system libraries are required on HP-UX devices:

  • /usr/lib/libc.1

  • /usr/lib/libc.2

  • /usr/lib/libdld.1

  • /usr/lib/libdld.2

  • /usr/lib/libm.2

  • /usr/local/lib/libcrypto.sl

  • /opt/openssl/lib/libcrypto.sl.0

  • /opt/openssl/lib/libssl.sl.0

  • /usr/local/lib/libiconv.sl

  • /usr/local/lib/libintl.sl

  • /usr/local/lib/gcc-lib/hppa1.1-hp-hpux11.00/3.0.2/../../../libidn.sl

7.0 Administration Browser Requirements

Make sure the workstation or server where you run ZENworks Control Center to administer your system meets the following requirements:

Item

Requirements

Web Browser

The administration device must have one of the following Web browsers installed:

  • Internet Explorer 8 (32-bit only) on Windows Vista, Windows 7, Windows Server 2003, Windows XP, Windows Server 2008, and Windows Server 2008 R2

  • Internet Explorer 9 (32-bit only) on Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2

  • New in 11.2.2: Firefox version 15.0 on Windows and Linux devices.

    NOTE:Firefox versions below 15.0 are not supported.

  • New in 11.2.3: Firefox version 17.0 and 17.0.2 ESR on Windows and Linux devices.

  • New in 11.2.3: Firefox version 18.0 or the later patches of version 18.0 on Windows and Linux devices

  • New in 11.2.4: Firefox version 19.0 to version 22.0 on Windows and Linux devices

    NOTE:Firefox versions below 17.x are not supported.

TCP Ports

In order to fulfill a user’s request for a remote session on a managed device, you must open port 5550 on the management console device in order to run Remote Management Listener.

8.0 Installation User Requirements

The user running the installation program must have administrator or root privileges on the device. For example:

  • Windows: Log in as a Windows administrator.

  • Linux: If you log in as a non-root user, use the su command to elevate your privileges to root, then run the installation program.

9.0 Supported Smart Cards and Smart Card Readers

For information on the supported Smart Cards and the Smart Card Readers, see Novell Enhanced Smart Card Method Installation and Administration Guide.