All the policies for servers are activated within the Policies property page. Initially the page is on the General policies. As other platforms are selected, additional policies are displayed. You can select which platform to display by placing the mouse over the small triangle on the right side of the Policies tab. This activates a drop-down menu that enables you to select which platform-specific page you want to display.

The following sections briefly discuss each of the policy pages, and then we cover the specifics of each policy.

When you first go into the properties of the server package you are presented with the Policies property page. The Policies page first displays the General category. All the policies activated in the General category are active for all server platforms supported by ZENworks and associated with the server.

Figure 19.1 shows the initial property page of the server package.

FIGURE 19.1 Server package Policies General property page.

As you can see from Figure 19.1, currently six policies are available to all the platforms supported by ZENworks. They are Dictionary Update policy, Imaging Server policy, Inventory Rollup policy, Workstation Import policy, Workstation Removal policy, and ZENworks Database policy. And if you click the Add button you can include additional Wake on LAN policies. These, as well as all the other policies, are discussed later in this chapter.

To activate a policy you simply need to click on the box to the left of the policy. You can go into the details of the policy and set additional configuration parameters on that specific policy.

Within the Policies tab you can select the Windows page. This page displays the policies available for your Windows servers. These policies include Dictionary Update policy, Workstation Import policy, Workstation Removal policy, and ZENworks Database policy. See Figure 19.2 for a sample of the Windows page.

FIGURE 19.2 Server package Windows property page.

As you can see in Figure 19.2, when appropriate, the same policies are under both the General and the Windows properties pages. When you select a policy in the Windows page, it supercedes any selections that may have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy will be used instead of the policy set in the General category. Also, only the policies selected in the platform-specific tab are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page, and the Workstation Removal policy is selected in the Windows page, agents on a Windows Servers system use the General Import policy, and the Windows Removal policy is activated.

Within the Policies tab you can select the NetWare page. This page displays the policies available for NetWare servers. These policies include Dictionary Update policy, Inventory RollUp policy, Workstation Import policy, Workstation Removal policy, and ZENworks Database policy. See Figure 19.3 for a sample of the NetWare page.

FIGURE 19.3 Server policy package NetWare property page.

As you can see in Figure 19.3, when appropriate, the same policies are under both the General page and the NetWare page. When you select a policy in the NetWare page, it supercedes any selections that may have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy is used instead of the policy set in the General category. Also, only the policies selected in the platform-specific page are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page and the Workstation Removal policy is selected in the NetWare page, agents on a NetWare system use the General Import policy, and the NetWare Removal policy is activated.

Within the Policies tab you can select the Linux page. This page displays the policies available for Linux servers. These policies include the Dictionary Update policy, Inventory RollUp policy, Server Down Process, Workstation Import policy, Workstation Removal policy, ZENworks Database policy, and ZENworks Server Management policy. See Figure 19.4 for a sample of the Linux page.

FIGURE 19.4 Server policy package Linux property page.

As you can see in Figure 19.4, when appropriate, the same policies are under both the General page and the Linux page. When you select a policy in the Linux page, it supercedes any selections that might have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy is used instead of the policy set in the General category. Also, only the policies selected in the platform-specific page are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page and the Workstation Removal policy is selected in the Linux page, agents on a Linux system use the General Import policy, and the Linux Removal policy is activated.

The Associations page of the server package displays all the locations in the tree (containers) where the policy package has been associated. These associations do not necessarily reflect where the policy package is located in the directory. The agents associated with servers that are in or below those containers have this policy package enforced. Clicking the Add or Remove buttons enable you to add or remove containers in the list associated with this policy.

All the policies for servers are activated within the Policies property page. Initially the page is on the General policies. As other platforms are selected, additional policies are displayed. You can select which platform to display by placing the mouse over the small triangle on the right side of the Policies tab. This activates a drop-down menu that enables you to select which platform-specific page you want to display.

The following sections briefly discuss each of the policy pages, and then we cover the specifics of each policy.

When you first go into the properties of the server package you are presented with the Policies property page. The Policies page first displays the General category. All the policies activated in the General category are active for all server platforms supported by ZENworks and associated with the server.

Currently five policies are available to all the platforms supported by ZENworks. They are Server Inventory Policy, SMTP Host, SNMP Trap Targets, ZENworks Database, and ZENworks Server Management. If you click the Add button, you can include additional Copy Files, Prohibited Files, or Text File Changes policies. These, as well as all the other policies, are discussed later in this chapter.

To activate a policy you simply need to click on the box to the left of the policy. You can go into the details of the policy and set additional configuration parameters on that specific policy.

Within the Policies tab you can select the Windows page. This page displays the policies available for your Windows servers. These policies include Server Down Policy, Server Inventory Policy, Server Remote Management Policy, SMTP Host, SNMP Trap Targets, ZENworks Database, and ZENworks Server Management. If you click the Add button, you can include additional Copy Files, Prohibited Files, Scheduled Down, Scheduled Load/Unload, Server Scripts, or Text File Changes policies.

The same policies are under both the General and the Windows properties pages. When you select a policy in the Windows page, it supercedes any selections that might have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy will be used instead of the policy set in the General category. Also, only the policies selected in the platform-specific tab are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page, and the Workstation Removal policy is selected in the Windows page, agents on a Windows Servers system use the General Import policy, and the Windows Removal policy is activated.

Within the Policies tab you can select the NetWare page. This page displays the policies available for NetWare servers. These policies include Server Down Policy, Server Inventory Policy, SMTP Host, SNMP Trap Targets, ZENworks Database, and ZENworks Server Management. If you click the Add button, you can include additional Copy Files, NetWare Set Paramters, Prohibited Files, Scheduled Down, Scheduled Load/Unload, Server Scripts, or Text File Changes policies.

When appropriate, the same policies are under both the General page and the NetWare page. When you select a policy in the NetWare page, it supercedes any selections that might have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy is used instead of the policy set in the General category. Also, only the policies selected in the platform-specific page are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page and the Workstation Removal policy is selected in the NetWare page, agents on a NetWare system use the General Import policy, and the NetWare Removal policy is activated.

Within the Policies tab you can select the Linux page. This page displays the policies available for Linux servers. These policies include Server Down Process, SMTP Host, SNMP Trap Targets, and ZENworks Database, ZENworks Server Management. If you click the Add button, you can include additional Copy Files, Prohibited Files, Scheduled Down, Scheduled Load/Unload, Server Scripts, or Text File Changes policies.

When appropriate, the same policies are under both the General page and the Linux page. When you select a policy in the Linux page, it supercedes any selections that might have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy is used instead of the policy set in the General category. Also, only the policies selected in the platform-specific page are used in place of the General policies. For example, if the Workstation Import policy is selected in the General page and the Workstation Removal policy is selected in the Linux page, agents on a Linux system use the General Import policy, and the Linux Removal policy is activated.

Within the Policies tab you can select the Solaris page. This page displays the policies available for Linux servers. These policies include Server Down Process, SMTP Host, SNMP Trap Targets, ZENworks Database, and ZENworks Server Management. If you click the Add button, you can include additional Copy Files, Prohibited Files, Scheduled Down, Scheduled Load/Unload, Server Scripts, or Text File Changes policies.

When appropriate, the same policies are under both the General page and the Solaris page. When you select a policy in the Solaris page, it supercedes any selections that might have been on the General page for that platform. The policies will not be merged together; only the platform-specific policy is used instead of the policy set in the General category. Also, only the policies selected in the platform-specific page are used in place of the General policies. For example, if the SMTP Host policy is selected in the General page and the ZENworks Database policy is selected in the Solaris page, agents on a Solaris system use the General SMTP Host policy, and the ZENworks Database policy from the Solaris page is activated.

The Distributions page of the server package displays distributions that contain this policy package. Clicking the Add or Remove buttons enable you to add or remove Distributions in the list associated with this policy.

This page allows you to check whether the roll-up server is the source of the dictionary. If the roll-up server has the source, nothing else is needed on this page. If the roll-up server is not the source of the dictionary, you need to configure the remaining components on this page, including

This page allows you to specify how often and when the dictionary files should be updated on the workstation.

This page enables you to select when the configuration should be read and applied: Never, Daily, Monthly, Yearly, Interval, or Time.

After you select when you want the configuration applied, you have additional fields to select in the lower portion of the screen. The following sections discuss the various options.

The Imaging Partition page allows you to disable the ZENworks imaging partition if it exists. This is useful if you want to disable imaging on the workstation because no active imaging is occurring on the workstation. For example, you have a one-time image applied to a workstation annually in January. You need the partition to remain intact, but you can disable it the rest of the year. Novell now recommends that the imaging partition be done away with in your environment, replaced with PXE.

Now that ZENworks Desktop Management ships with PXE-enabled software you also may set the PXE settings for deploying any images. Novell now recommends that the Linux partition on the workstation be removed and that customers should move to the PXE method of image deployment. On the PXE Settings page you may set whether the PXE menu should appear automatically when PXE is launched, and you may also set the values that appear on the menu.

A PXE menu displays, for example, whether to receive an image or take an image.

The Rules page, selected from the Work To Do tab pull-down menu, enables the administrator to input the rules and associated images that the system uses to determine the image to place on a specific type of workstation. Figure 19.5 shows an example of this page.

FIGURE 19.5 Rules page for a sample Imaging Server policy of a server package.

You must first click the Add button to add rules to the list. After you have added several rules, you may select a specific rule and change its order in the list, look at its properties, or remove the rule. When you click the Add button, the screen shown in Figure 19.6 appears.

FIGURE 19.6 New Image Selection Rule dialog for a sample Imaging Server policy of a server package.

You first click the browse button next to the Use This Image field to browse to an image object in the tree associated with an image file on the image server. After the image object is selected, you may identify the rule associated with this image. You may currently only have six key/value pairs to compare about the workstation to determine what image to use.

In the middle of the dialog box you can see the six potential equations that you can generate to determine whether the image should be used. The equation is made up of a series of True/False statements put together with AND and OR logic. You construct the statement by filling in the drop-down fields. (The resulting statement is displayed in a more English-like view to help you understand the equation.)

The logic for the AND and OR operators is strictly left to right in the equation. In the Rule Description box parentheses are added to the equation to help the administrator understand how the rule is evaluated. You cannot insert the parentheses; they are automatically inserted as part of the explanation of the equation and are not under user control.

You first select the key you want to examine by selecting the key via a drop-down dialog box. The keys that you can choose from are the following:

When the workstation is booting the imaging system, it is in reality booting up the Linux operating system and running the tools included in the imaging system. The values for the keys described previously are values that the Linux system can report to the software. To discover what a system reports to Linux, you need to boot a sample workstation with the Imaging system boot disk and run the command img information. This displays the information sent to the image server about the workstation. This information is the data values that you put into the key comparison equations for your rules. You can also get this information from an image by opening the image in the ZENworks image editor, right-clicking the image file, and selecting Properties from the menu. See Chapter 22 for more detailed information on the functionality of the ZENworks imaging system.

The next part of the equation is to specify the operator. Two types of operators exist: string and integer. The Hard Drive Size and RAM fields are treated as integers, whereas all the other fields are treated as strings, where a not case-sensitive string compare is done to determine operator results. The string operators are contains, doesn't contain, begins with, and equals. The integer operators are =, <>, >, >=, <, and <=.

These operators perform expected comparisons between the key value supplied by the workstation to the imaging server and the value that you place into the value field of the equation. The following meanings are placed with each operator:

The next field in the operation is where you enter the value that you want to compare. The far right field enables you to extend the operation to additional key/value comparisons. Your choices currently are AND and OR.

The Boolean operators are evaluated strictly from left to right. For example, if the following rules were entered into the policy, the resultant evaluation would be (Hard drive >= 600MB AND RAM < 16MB) OR (RAM > 31MB):

This would result in giving the image to any system that has a disk greater than 600MB with less than 16MB RAM. This would also give the image to any system that has more than 31MB RAM regardless of the size of the hard drive.

You can view the precedence of the equation, complete with parentheses, on the bottom half of the screen as you introduce new key/value pairs into your rule.

After your set of key/value pairs has been entered and you have reviewed your equation at the bottom of the screen, click OK to include the rule into the imaging system. You are returned to the original Rules page with the rule that you entered on the screen.

Once again, from this page, after you enter some rules you can specify the order that the rules are evaluated. After selecting a rule, you can move that rule in the order by clicking either the Move Up or the Move Down button. As the imaging server is evaluating the rules, the first rule that results in a TRUE evaluation results in that imaging being supplied to the workstation.

The Multicast page allows you to specify whether the imaging server checks first to see whether the workstation should take part in a multicast session prior to checking the image selection rules within this policy. If the Check the Image Selection Rules in This Policy Before Checking Within Multicast Sessions check box is checked, the imaging server will check the image selection rules prior to checking its multicast sessions.

The Image-Safe Data tab is composed of four pages. These pages represent information and data placed or retrieved from the system regardless of the image used. The following sections depict the pages available by selecting the small triangle drop-down menu on the Image-Safe Data tab.

An agent exists that may be placed on the workstation called the Image-Safe Data agent. This agent has the responsibility of moving data between a special sector on the disk used to store configuration information such as IP address or DHCP configuration along with workgroup information. This information on the disk is not affected by an image taken or placed on the drive.

When the Image-Safe Data agent runs on the workstation, it makes sure that the information in the special sector and the operating system are synchronized properly. For example, following an image placement, the agent moves the data from the disk into the operating system, setting up the DHCP and computer name. On a workstation that has not just been imaged, the agent moves the information from the operating system into the sector on the disk so that the data can be restored should a new image be placed on the drive. Should the agent not run, the workstation would be an exact mirror of the image (with the same IP and computer name configuration).

The Image-Safe Data configuration page enables the imaging server to pass this configuration information to the agent via this disk sector.

The IP Assignment Log page displays the IP addresses that the imaging server has assigned to any imaged or re-imaged workstations. The available IP addresses can be set in the IP Configuration page described in the following section.

The IP Assignment Log page displays the log of the addresses that have been assigned.

This page can also be used to place an IP address back into the pool of available addresses. If you have an address that you want to place back into the pool, select it from the log list and click the Remove button.

If you specified a range in the IP Configuration page to be the set of IP addresses that you will make available for workstations, when the imaging server uses a portion of the range (at the ends), the range is refreshed on the Configuration page. For example, if the range 123.65.234.1...123.65.234.100 were in the configuration and IP address 123.65.234.1-10 were assigned, the range would be changed to 123.65.234.11...123.65.234.100. Consequently, when you go to the IP Assignment Log page and free up IP address 123.65.234.10, the range is not reconfigured, and the freed IP address is not reassigned. You must manually go to the Configuration page and modify the range to include the addresses that you have freed.

The IP Configuration page enables you to specify whether the workstations imaged by the imaging server will obtain their IP address from a DHCP server or via a static assignment that is done as part of the imaging process.

If you select the DHCP option, when the workstation is imaged, the Windows system is told to get IP addresses from a DHCP server. If, however, you select that you want to specify an IP address, the other fields on the page are activated.

To specify a static IP address, you must first enter the subnet mask and default gateway that you want all your imaged workstations (imaged via the image server using this particular policy) to receive. You must also specify the range of IP addresses used by the imaging server and assigned uniquely to each of the imaged workstations. You specify the set of IP addresses by using the Add and Add Range buttons.

When the imaging server is given a request for an image and after the image has been placed onto the workstation, the IP address information is transmitted and assigned to the workstation. That address is logged in the imaging server and not reused for another workstation.

To remove any address or ranges from the possible set, select the item and click the Remove button. These addresses will no longer be in the pool of available addresses for the imaging server to assign.

In the Windows Networking page you can specify the computer name for the workstation and the workgroup for the system.

The computer name prefix that you enter in the field (maximum of seven characters) is prepended to a randomly generated set of characters and numbers to construct the final 15-character computer name for the workstation.

The Make the Computer a Member of the Following Workgroup field enables you to specify the workgroup that you want for the workstation. You select which you prefer by selecting the field and entering the workgroup name.

The DNS Settings page allows you to specify the DNS suffix and name servers that will be used by this policy. Simply type in the suffix you want to use and click the Add button to bring up an IP address dialog box to specify the addresses of name servers. It is important to use the correct suffix and name servers for the ZENworks imaging engine to process imaging operations on a workstation.

As part of the imaging system the administrator has the ability to request that the workstation have an image taken of itself and placed onto the server. This is done by checking some fields in the workstation object (see Chapter 22 for more details), which causes the workstation to take an image of itself on its next reboot.

When the workstation takes an image of itself, or when an image is taken when a request is made through the Linux boot system, the image is transmitted to the image server. This image server receives the .ZMG file and places it in the path specified. To protect the system from overwriting any files or to prevent users from placing the image files into inappropriate directories, the imaging server takes the information in the security page and restricts the placement of the image files.

When you check Allow Imaging to Overwrite Existing Files When Uploading, you are enabling the system to overwrite any files that may have the same name as the one specified by the user for the name of the image file.

The Only Allow Uploads to the Following Directories check box activates the requirement that all requested uploads must specify one of the directories identified. If the directory portion of the destination path, specified by the user, does not match one of the directories specified in the list on this page, the request to store the uploaded image is refused. To add paths to the list of accepted destinations, click the Add button and enter in the acceptable path.

Paths in the directories may be one of the following formats:

The system does not, for example, take any UNC path. When the user enters the location of the file, including the path, this information transmits to the imaging server. The server compares the directory portion of the path given with all the strings in this list. If a match occurs (that is, the directory is listed), the operation is accepted, and the image is taken and stored. Otherwise, the operation fails, and the image is not taken.

For this instance of the policy, you can specify the paths to be monitored. These directories are used as the source to determine which files are to be deleted or moved in the target locations. You cannot move files to a directory that is being monitored.

You can specify the type of files you want to monitor.

The Down Procedure page enables you to specify the procedure that should be followed when the server is downed.

The following options on the page are activated when the check box is checked:

By selecting the small triangle drop-down control on the Down Process page, you can select the Ordered Unload page. This page enables you to specify a set of NLMs and Java processes that you want killed or unloaded and the order in which to kill or unload them before the downing of the server actually begins.

When you select with the Add button either to unload an NLM or kill a process, a dialog box prompts you to enter the name of the NLM or the process. After entering the name of the NLM or process, click the OK button on the dialog box and the NLM or process name appears in the Ordered Unload page. After you have more than one process or NLM in the list, you can select an item in the list and then move it up or down in the list by clicking the up or down arrows, after selecting an item.

Before the server is downed, these systems are unloaded or killed on the server. This is useful if you have such processes or NLMs as databases or other programs that are caching items in memory and need to flush those buffers onto disk. This can be done, usually, by unloading the process or NLM. This can keep your data integrity solid instead of pulling the server out from under these processes, not allowing them to save their data.

The Reporting page is under the Notification tab. The purpose of this page is to identify some companion servers, whose responsibility it is to send notifications if the server that is associated with this policy does not come up after a specified time. When the server is told to go down, it contacts these companion servers and places a scheduled entry to send a notification message. When the server comes back up and the policy engine is restarted, it contacts these servers again and removes the scheduled entry for the notifications. If the server and the policy engine do not come up in the specified time, these companion servers fire the scheduled entry and send the specified notification messages. These companion servers must also be running the policy engine for this to work.

The Send SNMP Alert if Server Is Not up After a Number of Minutes check box turns on or off the monitoring of the server. You can specify the number of minutes that these other “watcher” servers will wait before they send their SNMP alerts notifying you that the server that was downed is not coming back up.

You then must click the Add button and then browse the tree to identify the servers that are to monitor this behavior. After you specify more than one server, you can order the servers to identify which server has first responsibility to monitor the downed server. When the ZENworks Server Management engine recieves the event that signals the down, it attempts to contact the servers in this list (in order) to notify them to watch for when the server comes back up. If the server in the list cannot be contacted, the engine goes to the next server in the list.

The Broadcast Message page can be found under the Notification tab. This page enables you to specify the broadcast messages that are sent to the connected users as the system is being taken down. You can specify if the message should be sent, how many times you want the message sent before the system goes down, the contents of the message, and an additional trailer that tells the users how long before they will be disconnected from the server.

The number of times to send the message is divided evenly into the number of minutes specified in the Down Procedure page before dropping connections or downing the server (if the Dropping Connections check box is not checked). If, for example, you stated that the server should go down 10 minutes after the request and you specify that the connections should be dropped 4 minutes before downing, the number of minutes that a user has left on the server is 6 minutes (10–4). The number of messages are divided into the 6 minutes and spaced evenly across that time.

If you include the line that states the number of minutes left, the “x” in the line is calculated the same way as above, minus a broadcast cycle. You subtract one cycle so that the last message is displayed at the beginning of the last cycle (rather than the end).

The Targeted Messages page enables you to send specific email messages to a selected set of users to notify them of the downing of the server.

The Send Email to Selected Users When Server Is Going Down check box turns off or on this feature. The Email Message box displays the message that is sent to each of the specified users. You are not able to change or customize the message that is sent.

To add users to the list and have them receive the message, you must click the Add button and select whether you want to add an NDS User or Group, or specify an email address explicitly. When you select User, you are asked to browse to the user in the directory, and the system takes the email address attribute from the user and uses that as the address for the user. Should you choose a group, all of the users in the group are sent the email message and the email attribute is used for each of those users. Should you not want to use the email address attribute in the user object, you may select the down arrow in the Address Attribute field and select which of the NDS User attributes you want to identify as containing the email address. It is expected that the attribute you identify contains a valid email address.

If you choose to enter an email address explicitly, rather than selecting a user or a group, you may choose the Email Address choice from the Add button. You are prompted to enter a valid email address. The entered email address is assumed to be valid and is shown as the User Name field entry in the table with N/A in the Address Attribute field.

You can place any number (based on the limits of NDS) of users, groups, or email addresses into the page and each of them are sent the email message when the server has been requested to go down. The email users recieve just one message at the very beginning of the downing process. This gives these users the maximum amount of time to connect to the server and stop the downing process should they desire. They can connect to the server and, via the policy engine console or via Remote Web Console, cancel the down process.

This page enables you to specify conditions when the down server request should not be honored.

You must check the Use Conditions in Downing Server? check box to make the conditions effective. Then you can add any number of conditions that you want to identify. If any of these conditions are true, the server does not honor the down server request. Select any of the following choices from the drop-down menu:

This feature functions only when you have ZENworks Desktop Management installed in your system.

On the General tab you can specify the following:

Check the Enable Software Scan check box to enable scanning the file system to search for application software. Select the Custom Editor button to add entries into the database to describe application software that is not known in the software database.

Enter any software rules into the Editor tab. These rules constitute key = value pairs used to normalize the inventory information that is collected through the header data on the software application files. If any of the specified keys are found, they are replaced with the given value. This allows you to normalize your data and represent a particular company, for example, as the same string regardless of the different strings that may have been stored in the executable.

On the General tab you can set the following options:

This tab allows you to describe how the remote control session behaves. The following options are available:

This tab allows you to describe how the remote view session behaves. The following options are available:

The Containers page enables the administrator to grant rights to the import service to containers where they must create workstation objects. When you add a container to the list, the system grants rights to the policy object. When the import service needs to perform an import, it logs in as the policy being used, enabling it to obtain rights to create workstation objects in the specified container.

The process of adding and removing containers is familiar. You click the Add button, and you are presented with a dialog that enables you to browse through the tree to select the container you want. When selected, the container is added to the list, and the import service is given a trustee assignment to that container and given the rights to Browse and Create objects.

To remove a container from the list, select the desired container and click the Remove button. This removes the trustee assignment given to the service and deletes it from the displayed list.

The Platforms page enables you to specify the naming of the workstation objects, the location of the object in the tree, and any workstation groups of which you want the workstation objects to be a member. This can be specified for each of the following categories: General, WinNT, Win2000, WinXP, or Win 9x (for example, Windows 98).

Each of the pages within these categories is identical, with the exception that on the nongeneral pages you have the additional field: Enable Platform Settings to Override General Settings. When this field is checked, the platform-specific configuration parameters are used rather than the general. We only discuss the General pages because they apply to all the other platform pages.

Figure 19.8 displays the first General page available.

FIGURE 19.8 General page of a sample Workstation Import policy of a server package.

Each page has three tabs that enable you to configure separate options of the import policy. These tabs are Location, Naming, and Groups. Each of the following subsections discusses these tabs.

On the Limits page the administrator can control when a workstation automatically registers and how the import service on the server behaves. The intention of these fields is to ensure that the performance of the service does not consume a significant amount of processing on the server.

The first portion of the page, the User Login Number field, enables you to configure how many times the workstation must be used (a user logs in to the network via that desktop) before it is registered into the tree. This may be useful if your desktops must pass through several hands (that may connect to the tree) before it gets to its final user destination. Each time the workstation is used and a user is connected to the tree (or the workstation manager agents connects to the tree), the workstation communicates with the workstation import and requests a workstation object. If the number of login times has not been consumed, the service reports that one is not created, and the workstation continues. This repeats until the number of login times has occurred, whereupon the service creates the workstation object and returns the eDirectory Distinguished Name (DN) of the workstation object to the workstation. The desktop records this DN in its registry.

Each time that a user logs in to the workstation, ZENworks updates a count. This count is kept in the workstation registry and is transmitted to the import server, which checks it against the policy. If the count is greater than the policy, the import is performed. This count on the workstation is not reset if the policy changes.

When the Disable History check box is checked, the system will not keep a record of the users who have logged in to this workstation.

Selecting the Limiting the Number of Workstations Imported check box and filling in the Workstations Created Per Hour field enables the administrator to throttle the number of workstations created. This keeps your eDirectory from overloading with a tremendous amount of objects and having to synchronize them around your tree. Imposing this limit forces the service to create only the specified number of workstations in an hour period. As soon as the maximum has been reached within the hour, the workstations are told to proceed without a workstation object. The next time the workstations log in to the network, and the maximum has not been exceeded, the service creates a workstation object for them.

The Containers page enables the administrator to grant rights to the removal service to containers where they must remove workstation objects. When you add a container to the list, the system grants rights to the policy object. When the removal service needs to perform and delete a workstation object, it logs in as the policy being used, enabling it to obtain rights to remove workstation objects in the specified container.

These containers are the only ones that the service monitors for stale workstation objects.

The process of adding and removing containers is familiar. Click the Add button, and you are presented with a dialog box that enables you to browse through the tree to select the container you want. When selected, the container is added to the list, and the import service is given a trustee assignment to that container and given the rights to Browse and Delete objects.

To remove a container from the list, select the desired container and click the Remove button. This removes the trustee assignment given to the service and deletes it from the displayed list.

The Limits page enables you to specify how stale a workstation object must be before it is considered for removal. Figure 19.9 shows a sample Limits page.

FIGURE 19.9 Workstation Removal policy; Limits page.

You can use the up and down spinner controls to specify the number of days the workstation should not be connected with a device before it is considered for deletion. When the time stamp in the workstation object is older than the specified number of days on this page, the removal service deletes the object from the directory.

The Schedule page enables the administrator to identify how often and when the workstation removal service should run on the server.

On this page you may identify the following configuration schedules:

The service, when started, calculates based on the start date, how often it should come alive (interval), and which day it should work. If today’s the day, the service begins its workstation removal work. This is done so that even if the server needed to be rebooted, the service still would properly calculate the day it should run and not rely on being up the number of days in the interval.

The Messaging property page is under the General tab. Unless you are having some problems and are diagnosing some issues, it is not recommended to request a message level higher than 4.

For each of the appropriate fields, you may enter one of the following message levels:

You can administer the following configuration parameters on the Message property page:

Under the ZENworks Server Management tab is the Configuration Page. You can administer the following configuration options on this page:

Under the ZENworks Server Management Port Configuration tab is the Port Configuration Page. This allows you to specify the port that should be used for communications to the services running on the device. The default port is 8089 and can be changed by clicking the up and down arrows.