You will most likely want to get inventory information and reports from your PDAs in the network. To get at this information you must complete the configuration of the handheld service object that was placed into eDirectory at installation time.

You can configure the service object with the following steps:

After this is done, you can move on to the next step of creating a handheld policy to import.

It is important to have the handheld objects imported into the eDirectory tree so that you can associate policies and applications with them, and it is possible to retrieve their inventory.

The following steps are necessary to get the import policy up and running in your ZENworks tree:

After the handheld agents are installed on the handheld device, when the device attempts to perform synchronization, ZENworks will register the device and create a handheld device object in eDirectory. When that object is present, any associated applications and policies will be applied (on the next synchronization).

ZENworks Handheld Management always takes an inventory of the handheld device so that no additional inventory policy is required to be created and associated.

Now we are set on the server side and the configuration.

If your handheld devices are not going to synchronize via a desktop, the agents must be installed via your wireless synchronization point. After those agents are delivered to the device, they will connect via IP into the Access Points or directly to the ZENworks Handheld Server to get their policies and applications and to deliver their inventory.

The ZENworks Handheld Management clients and synchronization software must be installed on each of the workstations where a PDA device will be synchronizing from the cradle. Installing the agents via a group policy, login script, or other mechanisms can do this. If ZENworks Desktop Management is in the system, ZENworks can deliver these clients to the proper workstations. Proceed with the following steps to get the synchronization software and agents to the workstations via ZENworks Desktop Management:

This application object will now deliver and install the Handheld Synchronization Client to those desktops with ActiveSync or HotSync installed, when the user logs in to her workstation.

If you want to also deliver the IP clients for wireless connectivity to other desktops, you can create another application object just as we did for the synchronization client and associate it with your users. The synchronization client then delivers the IP client with it.

The way we have configured this application object will launch the installer from the server, and the user will need to walk through the installation interface. If you want, you could run Snapshot to capture the install and provide this as a Microsoft Installer package (MSI) or Application Object Template (AOT) package that would remove the user interface installation. (See Chapters 10, “Creating Application Packages with snAppShot,” and 11, “Creating and Using Application Objects,” for more information on Snapshot and application object creation.)

From the previous step, you will have created an application object for the synchronization software required to run on the workstation where the handheld will run. If you have workstations that are Windows XP workstations with SP2 installed, there could be a firewall running on these workstations. ZENworks Handheld Management requires that certain ports be opened for communication between the synchronization workstation and the Access Points.

If ZENworks Desktop Management is in the system, ZENworks can deliver the proper registry key changes to the clients to open these ports and allow handheld communication. Proceed with the following steps to get the firewall ports opened properly on these workstations via ZENworks Desktop Management:

This application object will now deliver and install the registry keys required to open the firewall on the workstation. This allows the handheld synchronization client on desktops with ActiveSync or HotSync installed to communicate back to the Access Points.

You can create a handheld application object to deliver applications to the handheld device by following these steps:

Now we have an application to deliver to any new Palm devices introduced into the system. The next step illustrates how policies also can be applied.

In this step we create a handheld policy for our Palm device. You can also create policies for Windows CE or PocketPC devices as well as RIM Blackberry devices.

To create a new handheld policy and hand it out to your devices, do the following:

1.   Log in as admin and launch ConsoleOne.

2.   Browse to and select the container where you want to keep your policies for handhelds—it does not have to be in the container where the actual handheld objects reside.

3.   Select the Create Policy Package Wizard on the toolbar.

4.   Select Handheld Package on the first page of the wizard and click Next.

5.   Enter a package name for the object and the container where you want this object. Click Next.

6.   Click Define Additional Properties and click Finish.

7.   On the Policies tab, select the device type, and enable the policy you want. For this example, enable Palm Security Policy, as shown in Figure 6.1.

FIGURE 6.1 Select Palm Security Policy.

8.   Click on the Security tab and activate Require a Password to Be Set on the Handheld. For this example, also activate Additional Password Settings and then Enable Auto Lock Configuration On Power Off, as shown in Figure 6.2.

FIGURE 6.2 Configuring the handheld security policy.

9.   Click on the Self-Destruct tab and enable self-destruct after the specified number of failed attempts. Click OK.

NOTE

When the user fails to log in properly, immediately after the specified failed login the device will be reset and will remove all applied software and content.

10.   Select the Associations tab and then click Add. Browse to and select the handheld devices or containers of handheld devices that you want to receive and enforce this policy. Click OK.

11.   Click OK.

Now you have an application and a policy to deliver to your new handheld objects when they are created.

Now it is time to see whether everything works properly.

Log in to a workstation that has the ZENworks agent installed. If you are in a Windows environment, the ZENworks Management agents will automatically log in to eDirectory behind the scenes and will not prompt the user as long as the username and password for the domain are the same as the username and password for eDirectory.

Launch the Application Launcher or Explorer on the workstation, if you did not set it to automatically launch. ZENworks should display the associated applications. The Force Run installation of the Open Handheld Firewall application and the Handheld Synchronization application should happen automatically. When installed on the laptop or desktop where the device is synchronized, the clients will be automatically placed on the handheld device at the next synchronization.

Synchronize the handheld device. You should see some ZENworks Handheld Management agents being installed on the device. The first synchronization places the agents on the device.

Synchronize the device again. This time the agents will communicate with the Access Point installed on the ZENworks Handheld Server. Notice that because user associations are active for Handheld Management, you are prompted for a username and password for eDirectory. After the agents have communicated with the server, a handheld object will automatically be created in the directory along with full inventory information.

Go to the server and launch ConsoleOne. Browse to the container where you told the import policy to place handheld devices. You should see the handheld device that was just created. Look into its properties and see the general and inventory information about the device. Notice that the application and security policy has still not been sent to the device. The last synchronization just created the object.

Synchronize the Palm device yet again. This time you will see that the list application is automatically installed. You will also see that the policy is delivered—the Palm automatically prompts you for a password. Enter a password and click OK. Power off the Palm and power it back on—note that the password is now enforced on power-on of the device.

Check out the policy. Enter the correct password at the power-on prompt. Enter some addresses in the address book. Power off the Palm device. Power it back on, but enter an incorrect password the number of times you specified in the policy (default is 5). After the fifth incorrect password, enter the correct one. Notice that the address book is empty, and the list application is gone. Reset and synchronize to restore your Palm device.

Go to the server and look at the properties of the Palm device. Click on the ZENworks Inventory tab and click the Advanced Inventory button at the bottom. Another inventory tool opens up and shows you the full details of the handheld scan as shown in Figure 6.3.

FIGURE 6.3 Advanced inventory tools for handhelds.

From this Advanced Inventory view you can create and run reports. From the menu, select Reports→Software Inventory→Applications→For a Client, for example. Select the Palm device that was just imported and click OK. This brings up the report for that handheld device as illustrated in Figure 6.4.

FIGURE 6.4 Software inventory report for Palm handheld device.

Congratulations! You have now successfully installed ZENworks Handheld Management, delivered applications and policies, and run an inventory report.

Now that you have successfully configured the basic features of ZENworks Handheld Management, you are prepared to continue to explore handheld and other features of ZENworks.

The next chapter walks you through getting your ZENworks Patch Management system up and functioning.