You can use Primary Servers and Satellite devices that have the Authentication role to authenticate users to the ZENworks Management Zone. To improve performance, you can create multiple connections to local replicas of Novell eDirectory or Active Directory trees so that Satellites do not have to authenticate users over a WAN or slow link. Creating connections to local LDAP user sources also provides fault tolerance by providing failover to other user source connection in the event that one connection does not work.
For example, if you use Novell eDirectory in your ZENworks environment, you can use multiple authentication servers in your system so that Satellites with the Authentication role can contact local authentication servers for authentication purposes rather than contacting remote servers.
If a user source connection cannot connect, there is more than a one-minute delay for each subsequent user source connection that is tried. This results from CASA having an internal delay that is not currently configurable.
The following sections contain more information.
In ZENworks Control Center, click the Configuration tab, then click a user source in the User Sources panel.
In the Connections panel, click Add to launch the Create New Connection Wizard.
Fill in the fields:
Connection Name: Specify a descriptive name for the connection to the LDAP directory.
Address: Specify the IP address or DNS hostname of the server where the LDAP directory resides.
Port: This field defaults to the standard SSL port (636) or non-SSL port (389) depending on whether the user source uses SSL. If your LDAP server is listening on a different port, select that port number.
Add Connection to all Primary Servers: Adds the connection you are creating to all ZENworks Primary Servers in the Management Zone.
(Conditional) If the user source uses the Secure Socket Layer (SSL) protocol, click Next to display the Certificate page, ensure that the certificate is correct, then click Next to advance to the Summary page.
or
If the user source does not use SSL, click Next to advance to the Summary page.
Review the information and, if necessary, use the Back button to make changes to the information, then click Finish.
For more information about configuring Satellites with the Authentication role, see Section 10.0, Satellites.
In ZENworks Control Center, click the Configuration tab, then click a user source in the User Sources panel.
In the Connections panel, click the name of a connection to display the Edit Connection Details dialog box.
Edit the fields, as necessary:
Connection Name: Displays a descriptive name for the connection to the LDAP directory. You cannot edit this field.
Address: Specify the IP address or DNS hostname of the server where the LDAP directory resides.
Use SSL: Displays Yes or No, depending on whether the user source uses SSL. You cannot edit this field.
Port: This field defaults to the standard SSL port (636) or non-SSL port (389) depending on whether the user source uses SSL. If your LDAP server is listening on a different port, select that port number.
Certificate: If the user source uses SSL, displays the certificate for the user source. You cannot edit the certificate.
Update: If the user source uses SSL, click the Update button to update the certificate, if a new certificate exists.
Click OK.
In ZENworks Control Center, click the Configuration tab.
In the User Sources panel, click the underlined link for a user source.
In the Connections panel, select a connection’s check box.
Click Remove.
A certificate is used to allow secure communication between devices and user sources. If your certificate expires or you want to change the certificate, you need to update the certificate.
In ZENworks Control Center, click the Configuration tab.
In the User Sources panel, click the user source.
In the Connections panel, click a connection to display the Edit Connection Details dialog box.
Click Update.