ZENServer is configured to use ports . If these ports are required for other applications, then the ZENServer ports need to be reconfigured to any other port numbers. Using the information in this chapter, you can change the ZENServer port number. These steps can be performed on both Appliance and Non-appliance Primary Servers to change the port numbers.
IMPORTANT:Before starting this process, ensure that you take a backup of the configuration files, certificates and the database.
Points to Remember: The following points should be considered if agents updates are automated:
If the zone has multiple Primary Servers, the following steps are optional. Because, when the device tries to connect to the server, it will be marked as bad as it is not reachable. Till the next refresh is triggered, it will use another server in the zone based on the configured closest server rules. When the next refresh happens on the agent, it will get the updated server list which will have the updated information and the agent will be updated with the new details.
In the case of a single Primary Server, when the agent comes up, the server will be marked as bad. To avoid this, delay the execution of the zac cc command and the agent restart. After the policy has been applied on the device, the server port has to be changed and then the agent service has to be restarted. A time delay can be added to execute the zac cc command and restart the agent.
Also, the initial-web-service file needs to be modified ONLY on the devices registered to the Primary Server whose port number has been changed. Grep the contents of initial-web-service and make sure whether it has the current server's IP or Hostname in it and then proceed.
During this process, the Primary Server will be down. Therefore, it is recommended to have an alternate Primary Server in the zone so that the managed devices will be able to connect to that server for any activity involving servers.
NOTE:The following actions should be performed in the same order.
Upgrade the port number on the agent machine:
Stop the agent service.
Update the initial-web-service file on the server with the correct port number. The initial-web-service file can be accessed from the following location:
Linux Managed Devices: /etc/opt/novell/zenworks/initial-web-service
Windows Managed Devices: %ZENWORKS_HOME%/conf/initial-web-service
Remove the cache folder.
Update the port number on the server. The server.xml file can be accessed from the following location:
Windows: %ZENWORKS_HOME%/share/tomcat/conf
Linux: /opt/novell/zenworks/share/tomcat/conf
Stop the zenworks services by using the novell-zenworks-configure -c Start command.
Open the server.xml file in a text editor and go to the Service section. In this section, look for the Connector subsection in which the value of the port is the same as the previous https port value and the scheme is https. Update the port to the https port that you want to configure. It should have a line similar to <!-- Define a SSL HTTP/1.1 Connector on port 443 --> above it.
In the Service section in which the Connector port value is the same as the previous http port, update the port value to the desired http port and change the redirectPort attribute to the https port that is configured in the previous step. It should have a line similar to <!-- Define a non-SSL HTTP/1.1 Connector on port 80 --> above it.
In the Service section, in which the connector port value is the same as the previous AJP port and the protocol is something like AJP/1.3, update the port value to the desired AJP port and change the redirectPort to the https port that was configured previously. It should have a line similar to <!-- Define an AJP 1.3 Connector on port 8009 -->
NOTE:On Linux, at the end, ensure that the permissions of server.xml are intact. Permissions should be -rw-r--r--, and ownership should be zenworks:zenworks. If you are unsure, it is recommended to run permissions.sh at the command prompt.
Open an SQL console to execute the following SQL queries:
For MSSQL run the following queries:
update zzenserver set Port = <NEW_HTTP_PORT> where zuid = 0x<SERVER_GUID>
update zzenserver set SSLPort = <NEW_HTTPS_PORT> where zuid = 0x<SERVER_GUID>
For Oracle run the following queries:
update zzenserver set Port = <NEW_HTTP_PORT> where zuid = HEXTORAW('<SERVER_GUID>')
update zzenserver set SSLPort = <NEW_HTTPS_PORT> where zuid = HEXTORAW('<SERVER_GUID>)
For PostgreSQL run the following queries:
update zzenserver set Port = <NEW_HTTP_PORT> where zuid = '\x<SERVER_GUID>'
update zzenserver set SSLPort = <NEW_HTTPS_PORT> where zuid = '\x<SERVER_GUID>'
Update the initial-web-service, file on the server with the latest https port number:
Windows: ZENWORKS_HOME/conf/initial-web-service
Linux: /etc/opt/novell/zenworks/initial-web-service
If you have a firewall enabled, update it with the new port numbers.
Run novell-zenworks-configure -c ZenProbeConfigureAction to configure probe.
Restart the ZENworks services using the novell-zenworks-configure -c Start command (select the option next to Restart).
Execute the zman lrr -f command to re-calculate the closest server rules.
Re-build deployment packages using the novell-zenworks-configure -c CreateExtractorPacks -Z command.
NOTE:Ensure that the new port that is configured is provided along with zman as it uses the default port. (use zman <command> --port=<new port>). The zuid can be found in the following location:
On Windows: ZENWORKS_HOME/conf/DeviceGuid
On Linux: /etc/opt/novell/zenworks/DeviceGuid
Start the agent service. Use either the /etc/init.d/novell-zenworks-xplatzmd start --clean command or the systemctl start novell-zenworks-xplatzmd.service command for Linux devices.
NOTE:If you are changing the server port to a non-default port, use the GLOBAL_OPTIONS_FILE option to store the non-default port information for the ZMAN commands. For more information on this option, see ZENworks Command Line Utilities Reference.