An HTTP request is not redirected to HTTPS if IIS is running on the Primary Server
ZENworks Control Center throws a java.lang.NoClassDefFoundError Exception
Opening links in a new tab or new window of ZENworks Control Center might fail to display the page
Unable to login in to ZENworks Control Center in Internet Explorer 8 on Windows 8 machine
ZENworks Control Center is vulnerable to SQL injection attacks
An HTTP request is not redirected to HTTPS if IIS is running on the Primary Server
ZENworks Control Center throws a java.lang.NoClassDefFoundError Exception
On Windows: Do the following:
On the Windows desktop, click Start > Settings > Control Panel.
Double-click Administrative Tools > Services.
Restart Novell ZENworks Server.
On Linux: At the console prompt, enter /etc/init.d/novell-zenserver restart.
Opening links in a new tab or new window of ZENworks Control Center might fail to display the page
Logging in to ZENworks Control Center or navigating within ZENworks Control Center by using Firefox 3.x might display a blank page
Use the Firefox Web browser to open about:config, then change the value of browser.cache.memory.enable to False.
Refresh the Web browser to reload the ZENworks Control Center page every time ZCC displays a blank page.
Use any other ZENworks 11 SP2 supported Web browser to access ZENworks Control Center.
For more information about the supported Web browsers, see Administrator Browser Requirements in the ZENworks 11 SP4 Server Installation Guide.
ZENworks Control Center displays a warning message indicating that some of the ZENworks features might behave incorrectly
Some of the ZENworks features might behave incorrectly because the time of the current Primary Server and the time of the ZENworks database server are not in sync.
The Nessus scan report for ZENworks Control Center shows that the site is vulnerable to cross-site scripting attacks
User Source Authenticationin the ZENworks User Source and Authentication Reference.
Unable to manage reports without Super Administrator rights
NOTE:For more information see TID 7008889, in the Novell Support Knowledgebase.
Log into ZENworks Control Center as an administrator.
Click the Configuration tab.
In the Administrators panel, select the name of the user who requires rights to the reports.
Click the Rights tab.
In Administrator Tasks section, in the left pane of ZENworks Control Center, click Inventory Report Rights. The Inventory Report Rights are displayed.
Select the folders to which the user requires the rights.
From the Edit drop-down menu, select Assign Full Rights.
For more information about configuring Inventory Report rights, see Inventory Report Rights
in the ZENworks 11 SP4 Asset Inventory Reference.
Repeat steps 2 through 4 and in the Administrator Tasks section, in the left pane of ZENworks Control Center, click Asset Management Report Rights. The Asset Management Report Rights are displayed.
Select the folders to which the user requires the rights.
From the Edit drop-down menu, select Assign Full Rights.
For more information about configuring Asset Management Report rights, see Configuring Report Rights
in the ZENworks 11 SP4 Asset Management Reference.
Unable to login in to ZENworks Control Center in Internet Explorer 8 on Windows 8 machine
Email notifications with SSL to the SMTP Server fail
Navigate to the OpenSSL directory and execute the following command:
openssl s_client -showcerts -starttls smtp -connect [SMTP SERVER IP]: 25
Copy the contents of the certificate displayed in the console from “----BEGIN CERTIFICATE----” to ”----END CERTIFICATE----” including the “----” lines.
Save this to a text file. For example, smtpcert.txt. For more information on how to generate or import GroupWise certificate, see:.
Import the certificate authority into the Java trusted CA keystore file.
On Windows Primary Server: If ZENworks is installed in the C:\Program Files x(86) folder, then in the command prompt, go to C:\Program Files x(86)\Novell\ZENworks\share\java\jre\bin> and run the following command:
.keytool -importcert -trustcacerts -alias smtpcert -file <saved text file name with full path> -keystore "C:\Program Files\x(86)\Novell\ZENworks\share\java\jre\lib\security\cacerts" -storepass changeit
On Linux Primary Server: Run the following command from the Java installed path:
/usr/java/jdk1.6.0_24/jre/bin/keytool -importcert -trustcacerts -alias smtpcert -file “<saved text filename with full path>" -keystore /usr/java/jdk1.6.0_24/jre/lib/security/cacerts -storepass changeit
ZENworks Control Center is vulnerable to SQL injection attacks
As ZENworks has a strong implementation of the access control layer through its Roles and Rights, by properly configuring these for the users, you can ensure that they have access only to the information they are entitled to. To configure roles and rights through ZCC, see ZENworks 11 SP4 Administrator Accounts and Rights Reference.
Restrict the access to ZCC servers only to authorized persons. You may restrict ZCC access from a network subnet or IP range, so that unauthorized access to ZCC is prevented. For more information, see Section 1.2, Restricting Access to ZENworks Control Center.