Advanced ZENworks Management

Ryan RadschlagNetwork ManagerHartford Joint #1 School Districtradschlagr@hartfordjt1.k12.wi.us

Whaddya Wanna Do?

• Imaging - How to make ZCM make you look like you’re working

• Bundle Conquering - Combating educational “software”

• Policies - Unleash your inner Network Nazi

• Best Practices - according to $variable

Imaging The Ronco Way!

• Automated imaging can be your saving grace with limited time and resourceso Quit troubleshooting pointless windows/user errors

• Easily deploy new machines without starting from scratcho Banish golden images

• Image machines without leaving your desko AKA...go golf 9 while you image your entire district

The Imaging Process

ZENworks Imaging Environment

autoImage Script

Customize Machine “Profile”

Operating System

Naming Convention

Drivers

Build Type

Build Process

Phase 2DriverInstallation

- Drivers for machine downloaded in addon image.- dpinst run to install drivers for hardware

Phase 3ZENworksAgentInstallation

- ZENworks Agent silently installed- “-x -q -k” command line arguments to perform silent install & registration

Phase 4BuildBundleInstallation

- Bundle specified by registry key is installed-Reboot after bundle install completes

Phase 5BuildProcessCleanup

- Build files are deleted from machine-Other cleanup tasks can also be run in this process

Phase 1Build Setup

- Import necessary registry keys from ZIE.reg- Set build run on start

ZENworks PXE Menu

autoImage ScriptSimple Prompt Driven Imaging Script

1. Choose OS

2. Choose Building/Context

3. Choose Build Type

4. Enter Room #

5. Name is auto generated by CONTEXT(1)-ROOM(max 5)-SERIAL(7)

Imaging File paths are auto-generated by OS/Context/Type

• Code for clientless: case $opt in

“Clientless”)

projbase=${os}-clientless/

projimg=${LONGCONTEXT}-${os}-clientless.zmg

• If Windows 8 is chosen for a clientless machine in Building A, the project image would be win8-pro-x64-clientless/BUILDINGA-win8-pro-clientless.zmg

autoImage Script (cont’d)• Add-on images deployed

o buildprocess.zmg contains build-AMD64.exe & build-x86.exe build-%PROCESSOR_ARCHITECTURE% called on first login (configured in

unattend.xml)o zenagent-AMD64/x86

contains the full ZENworks Agent installero (CONTEXT)-(OS)-(buildtype).zmg

contains registry and batch files used to customize the machine throughout the build process

Build Types• Clientless

o No Novell Client/Domain Membership

o Only local users

• Clientless DLU

o No Novell Client/Domain Membership

o ZCM logins via DLU from LDAP source

• Full/Domain Client

o Novell Client/Domain Membership

o Logins passively passed to ZCM if valid

In A Nutshell

1.PXE Boot into ZENworks imaging environment

2.Choose the build options3.Walk away - go take a nap

Becoming a Bundle Master

1.Think2.Think a little harder3.Click Around4.Execute5.Test6.Set them free

Think

• What do you want to do?o Install a program?o Launch a program?o Both?o Have a user launch a program?o Install a kitten wallpaper on your District

Administrators computer?

Think A Little Harder

• How are you going to do it?o MSIo EXEo Some registry tweaks here and thereo BOB←Your friendo Requirements

Click Around

• Go create a skeleton bundleo If you want to “categorize” it according to

what you thought a little harder about, fine

• Gather your supplieso Download installerso Export registry settingso Copy program XML settings

EXECUTE!!!!

• If you wanted to install somethingo Start creating INSTALL actions

• If you wanted to launch somethingo Start creating LAUNCH actions

TIP: The more organized you are in naming conventions and action labeling the easier it will be to maintain your bundles

Test

• Recommended to get used to Snapshot bundleso Allows you to test without committing (like

dating)

• Virtual test machineo Snapshotting can save you tons of time when

it comes to bundle testingo Clean slate to start with each time

Deploy

• Publish the bundle and start assigning it to things

• Do not under any circumstances schedule bundles to deploy “NOW”

Using Requirements

• Bundle action requirements allow you to make 1 bundle for all deployment scenarios

• Keep your bundles working for you instead of against

• Action requirements keep your database size under control in comparison to bundle requirements

Policies

• Many different types of policieso Windows Group Policieso Patch Policies (for ZPM users)o Firewall/Device/Security Policies (for ZESM

users)o Many more

Policies - KISS

• Be selective in assigning policies to users/devices

• Plan a clean policy organization before rolling them out

• The less settings that need to be deployed to the user when they login the better

• Don’t be a total Nazi, the illusion of freedom is a powerful thing

Best Practices - Primary Servers

• Novell Recommendso Dual Core

Processoro 2GB-4GB RAMo 30GB Hard Disk

• Real Worldo Quad Core

Processoro 8-16GB RAMo HDD depends on

how many bundles you intend to create.

Primary Servers Tuning

• Tuning the primary server to your environment is a must

• Allocate more RAM to the zenserver and zenloader services

• Increase the CPU thread count for HTTP/S services

Primary Servers Layout & Design

• Recommend starting with 3 Primary Serverso 2 Internal for redundancyo 1 DMZ for external clients & Join Proxy

• Spread across your virtual cluster if you have one

• Create closest server rules or use a L4 switch for load balancing

• Locate them as close to your database as possible

• I would recommend 1 primary based on your favorite server software and the rest can be appliances

Database Considerations

• ZPM users should consider MSSQL due to the database heavy workload

• Always use an external DBo Room for future growtho Don’t put all your eggs in one basket

• Follow Novell guides for tuning and database maintenanceo HAPPY DB=HAPPY ZONE

Satellite Devices

• Only use them if necessaryo Slow links between sites

• Satellite Devices are NOT meant to reduce the load to the Primary Servers

• The purpose of a Satellite Device is to reduce network load

Summary

1.Plan your zone out2.Plan your policies structure3.Plan your bundle rollout4.Create a working imaging environment5.Start deployment6.Monitor and test your future changes

Novell Resources• Primary Server Tuning

• http://www.novell.com/documentation/zenworks11/zen11_cm_deployment_bp/data/bi5t8rz.html

• Database Tuning• http://

www.novell.com/documentation/zenworks11/zen11_cm_deployment_bp/data/bi5tm7r.html

• Database Performance Optimization• http://www.novell.com/support/kb/doc.php?id=700556

0