Before starting the procedure, ensure that you go through the following points:
Ensure that the new server that you are adding to the zone meets all the requirements. For more information, see ZENworks System Requirements in the ZENworks Documentation site.
Ensure that the first Primary Server is at ZENworks 23.4. If the first Primary Server is at a lesser version, then installation might fail.
The first Primary Server should be up and running.
If you are using an external database, then ensure that the database is up and running.
If your ZENworks Management Zone is using the internal ZENworks Certificate Authority (CA), the new Primary Server is automatically issued a server certificate during installation.
If your zone is using an external CA, you must provide the new Primary Server with a valid certificate issued from the external CA.
Ensure that you have taken a reliable backup of the Primary Server.
To add a new Primary Servers to your existing ZENworks Management Zone, perform the following steps:
Deploy ZENworks Appliance. For information, see Section 3.0, Appliance Deployment.
Launch the URL on a supported web browser.
The URL (https://<FQDN>:9443 or https://<ipaddress>:9443) is displayed on the appliance console.
Log into ZENworks Appliance with the root or zenadmin credentials that were used in Step 2, in the Section 3.2, Configuring the Appliance Settings.
In the Appliance console, click ZENworks Configuration to initiate ZENworks appliance configuration.
You will be redirected to a new browser tab.
NOTE:Ensure that you have enabled or allowed the pop-up in your browser.
In the new tab, the ZENworks License Agreement page is displayed. Accept the terms of the license and click Next.
Select Add the server to an existing ZENworks Management zone, and then click Next.
Requirements for the server that is being added to an existing ZENworks Management Zone:
The DNS name or IP address of your zone's Primary Server
The zone administrator credentials to add a new Primary Server
The additional Primary Server can be added only if all the Primary Servers in the zone are upgraded to ZENworks
In the Connect to an Existing Primary Server, specify the following information, and then click Next:
Primary Server: The first Primary Server’s FQDN or IP address.
Port: The Port used by the first Primary Server in the Management Zone. The default port is 7443.
NOTE:When adding a new appliance, ensure that you specify the default 7443 port, or any custom port used when upgrading ZENworks.
Administrator: The ZENworks management zone's administrator user name.
Password: The password for the ZENworks management zone's administrator.
On the Open Ports screen, select Yes, open all the above-listed ports, and then click Next.
To communicate securely with the first Primary Server, in the Validate Primary Server Certificate dialog box, select Click here to accept this certificate and proceed, and then click Confirm.
This dialog box is displayed only when an unknown certificate is detected.
Specify certificate details for the additional Primary Server.
NOTE:The certificate validity should be between 1 and 10 years. If you plan to use the server as an MDM server, then to ensure communication with iOS and Mac devices, the certificate validity should not exceed 2 years.
If an Internal certificate is used in the first Primary Server, ZENworks detects the internal certificate and automatically issue the certificate.
If an External certificate is used in the first Primary Server, choose the required certificate (Server Certificate with Private Key or Server Certificate). If you have used the Generate CSR link, then upload Server Certificate. Based on the certificate specify the following details:
Server Certificate: Browse to the signed certificate to be used for this server.
The certificate must be a SubCA (approved by SubCA) and CA (Approved by root CA) certificates in order:
====Beginning of the Certificate File====
=[Server Certificate]=
=[SubCA Certificate]=
=[CA Certificate]=
====End of the Certificate File====
Private Key File: This field is enabled if you select the Server Certificate with Private Key option. Browse to the .der private key file that is associated with the signed certificate.
To convert the PEM file to DER file, use the following command:
openssl pkcs8 –topk8 –nocrypt –in privateKey.key –inform PEM –out key.der –outform DER
To verify the privateKey.key file, use the following command:
openssl rsa -in privateKey.key -check
The Summary screen displays the information that you provided to add a new Primary Server to an existing ZENworks Management Zone.
Click Install to initiate the ZENworks configuration.
ZENworks configuration starts and it might take several minutes. The configuration process will continue in the background even if you close the browser or the browser times out.
After successfully completing the installation, the status will be displayed as shown in the following images:
On Windows, it is recommended that you restart the server so that settings are applied successfully.
If the installation fails, then a link to download the log files will be displayed on the screen. click the link and download the log files to troubleshoot the issues.
If you are facing any issues, then go through the Troubleshooting section.