Novell Doc: Novell ZENworks 7 Server Management Installation Guide - Enable Inter‑Server Communications Security

G.4 Enable Inter‑Server Communications Security

After you have exited the Inter-Server Communications Security Installation Wizard, create and distribute a Text File Changes policy that is used to enable the security. To create and distribute the policy, complete the following in order:

G.4.1 Creating a Text File Changes Policy for Enabling Inter‑Server Communications Security

In ConsoleOne®, right-click the container where you want the Policy Package object stored, click New, then click Policy Package.

This starts the Policy Package Wizard.
Under Policy Packages, select Distributed Server Package, then click Next.
Name the package, then click Next.

Make the package name unique to identify its purpose.
Click Define Additional Properties, then click Finish.
Click the Policies > General tab, then click Add.

This policy can apply to any platform.
In the Add Policy dialog box, click Text File Changes, enter a name for the policy, then click OK.

The new policy is enable and automatically selected.
Click Properties.

The Text File Policy tab is displayed.

Because the security=false line could exist, you need to create two text file changes in order to effectively change security from false to true. This is accomplished in the next two steps.
Click Add, then do the following:
1. Enter sys:\zenworks\zws\zws.properties in the Filename field.
2. Replace the “Change #1” text that defaults with a descriptive change tag; for example, Delete Security Line.
3. In the Change Mode field, select Search File.
4. In the Search Type field, select Entire Line.
5. In the Search String field, enter security=false.
6. In the Result Action field, select Delete Line.
Click the down arrow button for the drop-down field next to the Add button, select Change, click Add, then do the following:
1. Replace the “Change #2” text that defaults with a descriptive change tag; for example, Append Security Line.
2. In the Change Mode field, select Append to File.
3. In the New String field, enter security=true.
  
  This string is case sensitive.
Click OK to save the policy, then click OK to exit.
Continue with Section G.4.2, Distributing the Text File Changes Policy.

G.4.2 Distributing the Text File Changes Policy

In ConsoleOne, right-click your TED container, click New > Object, select TED Distribution, then click OK.
Enter the Distribution’s name.

Make the Distribution’s name unique to identify its purpose.
Browse for the Distributor object, click Define Additional Properties, then click OK.
Click the Type tab, in the Select Type drop-down box, select Policy Package, then click Add.
Browse for the policy package you created in Section G.4.1, Creating a Text File Changes Policy for Enabling Inter‑Server Communications Security, click Select, then click OK.
Click the Schedule tab, click the arrow for the drop-down box of the Schedule Type field, select Run Immediately, then click OK.

This schedule type causes the Subscriber to extract the Distribution and enforces the policy as soon as it is received.
Click the Channel tab, click Add, browse for the Channel, click Select, then click OK.

Make sure the Channel is listed as Active in the Channels list.
When finished configuring the Distribution, click OK.

You are prompted to resolve the certificates.
Click Yes to resolve the certificates.

This copies the security certificates from the Distributor to the Subscribers that are subscribed to the Channel.

IMPORTANT:If you have Linux or Solaris Subscribers and do not have drives mapped from your workstation to those servers, you must resolve certificates to those servers manually. For more information, see Resolving Certificates in the Novell ZENworks 7 Server Management Administration Guide.

After the Text File Changes policy Distributions are sent, received, and extracted on each target server, inter-server communications security is in effect.