6.3 Adding a New Primary Server

This section provides a step-by-step procedure to add new Primary Servers (secondary) to an existing ZENworks Management Zone.

6.3.1 Prerequisites

Before starting the procedure, ensure that you go through the following points:

  • Ensure that the new server that you are adding to the zone meets all the requirements. For more information, see System Requirements in the ZENworks Documentation site.

  • Ensure that you have installed Docker and Docker Compose on the Linux Primary Server on which the ZENworks server software will be installed.

  • Ensure that the first Primary Server is at ZENworks 23.4. If the first Primary Server is at a lesser version, then installation might fail.

  • The first Primary Server should be up and running.

  • If you are using an external database, then ensure that the database is up and running.

  • If your ZENworks Management Zone is using the internal ZENworks Certificate Authority (CA), the new Primary Server is automatically issued a server certificate during installation.

  • If your zone is using an external CA, you must provide the new Primary Server with a valid certificate issued from the external CA.

  • Ensure that you have taken a reliable backup of the Primary Server.

6.3.2 Adding a new Primary Server to an Existing Management Zone

Installation of an additional Primary Server is less complex than installation of the first Primary Server. The procedure only requires you to provide a target location for the software files, administrator credentials, Primary Server Address, and files for the external certificate (if the zone is using an external CA).

NOTE:Ensure that you take a snapshot of the device before configuring ZENworks, as it is easy to roll back in case of any issues.

Perform the following steps to add a new Primary Server:

  1. Log into the installation server as a Linux administrator.

  2. Download the ZENworks ISO.

  3. Mount the ISO by running the command mount -o loop <ISO path including name> <mount_path>.

  4. cd to the mounted location and run ./setup.sh.

    A command prompt will be displayed. Wait for a few minutes to display the configuration information which includes URLs and credentials to log into the ZENworks configuration wizard.

  5. On the server that you want to add as Primary Server, open the URL in one of the ZENworks-supported browsers.

    This URL can be accessed on any device within the network.

  6. In the login page, specify the username and password that is displayed in the command prompt.

  7. After login, the ZENworks License Agreement page is displayed. Accept the terms of the license and click Accept.

  8. In the Configure ZENworks Primary Server screen, select the Add this server to an existing Management Zone option, and then click Next.

  9. In the background, a system requirement check will be performed.

    If the requirements are not met, then the essential system requirements will be displayed.

    If errors are displayed, then you will not be able to proceed with the installation. Ensure that you adhere to the requirements before proceeding with the installation.

    After making the necessary changes, click re-run System Check, to perform the system requirement check.

    Note: If the server meets all the requirements, then the System Requirements Check screen will not be displayed.

    For more information, go through the system requirements in the ZENworks documentation site.

  10. Click Next.

  11. In the Connect to an Existing Primary Server screen, perform the following actions, and then click Next:

    1. Primary Server: Specify the IP address or FQDN of the first Primary Server.

    2. Port: Select the port used by the first Primary Server.

    3. Administrator: Specify the ZENworks administrator username.

    4. Password: Specify the ZENworks administrator password.

    The specified credentials will be validated.

  12. If the specified credentials are valid, then you will be asked to validate the Primary Server Certificate, if the first Primary Server is using an internal certificate.

    If you are using an external CA, and if the certificate is not from a well known CA, then the following screen might be displayed.

  13. Accept the certificate, and then click Confirm.

  14. In the Open Ports page, ports that are needed by ZENworks are currently blocked by the server's Firewall is displayed.

    Open the ports, and then click Next.

    The opened ports will be left open after completing the installation.

  15. If the existing ZENworks Management Zone is using an internal CA, the new Primary Server is automatically issued a server certificate during installation.

    For the server certificate validity specify a value between 1 and 10 for which the certificate should be valid.

    If you are planning to use this server to manage mobile devices, then ensure that the certificate validity duration should not exceed 2 years.

    Specify the validity of the server certificate, and then click Next.

  16. If you are using an external CA, then specify certificate details for the additional Primary Server.

    • If an External certificate is used in the first Primary Server, choose the required certificate (Server Certificate with Private Key or Server Certificate). If you have used the Generate CSR link, then upload Server Certificate. Based on the certificate specify the following details:

      • Server Certificate: Browse to the signed certificate to be used for this server.

        The certificate must be a SubCA (approved by SubCA) and CA (Approved by root CA) certificates in order:

        ====Beginning of the Certificate File====

        =[Server Certificate]=

        =[SubCA Certificate]=

        =[CA Certificate]=

        ====End of the Certificate File====

      • Private Key File: This field is enabled if you select the Server Certificate with Private Key option. Browse to the .der private key file that is associated with the signed certificate.

        To convert the PEM file to DER file, use the following command:

        openssl pkcs8 –topk8 –nocrypt –in privateKey.key –inform PEM –out key.der –outform DER

        To verify the privateKey.key file, use the following command:

        openssl rsa -in privateKey.key -check

  17. The Summary page displays all the information that was provided while configuring. If any modifications are needed, click Previous.

  18. To initiate the installation, click Install.

    ZENworks installation will be initiated, and the status of the installation will be displayed.

    After successfully adding the new Primary server, ensure that you go through Completing Post-Installation Tasks on Linux Servers.

    If the installation fails, then a link to download the log files will be displayed on the screen. click the link and download the log files to troubleshoot the issues.

    If you are facing any issues, then go through the Troubleshooting section.