The information in this Readme file pertains to the update for Novell ZENworks 11 SP2 (11.2.3a).
The following table contains information on the documentation content changes that were made in this Readme after the initial release of ZENworks 11.2.3a:
Table 1 Readme Updates
Date |
Readme item Added or Updated |
---|---|
April 29, 2014 |
Added the following known issue: |
ZENworks 11.2.3a now provides a cumulative Agent update. You can update managed devices from 10.3.x and later to 11.2.3a with a single reboot.
The Replicated Content Search feature allows you to search for bundles or policies that are assigned for replication on provided content Satellite Servers or Primary Servers.
The Location-Based Proxy/CIFS Server feature allows you to set a location-based proxy and CIFS server for Windows, Linux, or Mac managed devices from ZENworks Control Center.
The Satellite-Satellite Content Replication feature reduces the potential traffic between the Primary Server and the Satellite Servers by allowing a content Satellite Server to replicate the content from other content Satellite Servers.
The Satellite Server Output Throttle Rate feature allows you to specify the rate at which the Satellite Server should send content to other devices requesting the content. These devices could be either other content Satellite Servers or managed devices.
The Replicate Now feature allows you to immediately replicate the content of a bundle or policy to a Primary Server, without waiting for the scheduled content replication.
The Cleanup Now feature allows you to immediately clean up the content of a bundle or policy from a Primary Server immediately, without waiting for the scheduled content cleanup.
Firefox 16, 17, 17.0.2 ESR, and 18 are now supported for ZENworks Control Center and the Novell File Upload plug-ins.
The Location Awareness Lite feature enables you to use location awareness on devices without installing the ZENworks kernel drivers on the devices. Location Awareness Lite uses information from the operating system rather than the drivers to determine location. The drivers are still used for full Location Awareness mode.
The Power Management policy provides advanced power scheme setting options that can be assigned to a device or a user.
Patch Management provides support for several important new operating system platforms including Windows 8, Windows 2012, and Mac OSX 10.8.
The patch feed now includes a wide variety of additional non-security patches from Microsoft that can only be detected with the latest agent technology. As always, ZCM Patch Management customers are encouraged to upgrade both servers and endpoints to the latest version.
Patch Management Scanning has been improved to incorporate Vega technology. This enables support for Windows 8 and Windows Server 2012.
Use the following guidelines to plan for the deployment of ZENworks 11.2.3a in your Management Zone:
You must deploy ZENworks 11.2.3a first to the Primary Servers, subsequently to Satellites, and finally to managed devices. Do not deploy this update to managed devices and Satellites (or deploy new 11.2.3 Agents in the zone) until all the Primary Servers in the zone have been upgraded to 11.2.3a.
NOTE:Agents might receive inconsistent data from the zone until all Primary Servers are upgraded. Hence, this part of the process should take place in as short a time as possible. Ideally, within a few minutes of each other.
You can directly deploy ZENworks 11.2.3a to managed devices in the Zone only if the managed devices have been upgraded to ZENworks 10.3.0 or a later version.
The system reboots once after you upgrade to ZENworks 11.2.3a. However, a double reboot will be required in the following scenarios:
Table 2 Double Reboot Scenarios
Scenario |
ZENworks Endpoint Security |
Full Disk Encryption |
Location Services |
Client Self Defence |
---|---|---|---|---|
Upgrade from 10.x to 11.2.3a |
Disabled |
Disabled |
Lite |
Enabled |
Fresh Install of 11.2.3a |
Disabled |
Disabled |
Lite |
Enabled |
Fresh Install of 11.2.3a |
Disabled |
Disabled |
Full |
Enabled |
Fresh Install of 11.2.3a |
Disabled |
Disabled |
Full |
Disabled |
IMPORTANT:: All Primary Servers or Satellites running previously supported versions prior to 11.2.0 should first be upgraded to ZENworks 11.2.0 before deploying the ZENworks 11.2.3a update.
Table 3 ZENworks Cumulative Agent Update to 11.2.3a: Supported Paths
Managed Device Type |
Operating System |
Supported Versions |
Unsupported Version |
---|---|---|---|
Primary Server |
Windows/Linux |
v11.2 and later versions |
Any version prior to 11.2 |
Satellite Server |
Windows/Linux/Mac |
v11.2 and later versions |
Any version prior to 11.2 |
Managed Device |
Windows |
v10.3.0 and later versions |
Any version prior to 10.3 |
Linux |
v11.0 and later versions |
NA |
|
Mac |
v11.2 and later versions |
NA |
For instructions on downloading the update, refer to the ZCM 11.2.3a upgrade manual import file. To deploy ZENworks 11.2.3a as an update, see the ZENworks 11 SP2 System Updates Reference.
NOTE:The system update is not available via the Novell Customer Center (NCC) server due to issues related with the file size. For more information see TID 7010390 in the Novell Support Knowledgebase. You need to download the update from Novell Patch Finder.
For information on how to install ZENworks 11 SP2, refer to the ZENworks 11 SP2 Upgrade Guide.
For administrative tasks, see the Novell ZENworks documentation Web site.
IMPORTANT:Ensure that you read Section 3.0, Planning to Deploy ZENworks 11.2.3a before you download and deploy the 11.2.3a update.
After you download the ZENworks_11.2.3a_Update.zip file, we strongly recommend that you compare the MD5 checksum for the file with the one shown on the Downloads page before you deploy the update.
Refer to the following table to understand the different supported versions for a ZENworks update:
Table 4 ZENworks Support Matrix
Managed Device |
Satellite Servers |
Primary Servers |
---|---|---|
v10.2.2 |
v10.2.2, v10.3, v10.3.1, v10.3.2, v10.3.3, v10.3.4, v11.0, v11.1, v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v10.3 |
v10.3, v10.3.1, v10.3.2, v10.3.3, v10.3.4, v11.0, v11.1, v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v10.3.1 |
v10.3.1, v10.3.2, v10.3.3, v10.3.4, v11.0, v11.1, v11.2,v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v10.3.2 |
v10.3.2, v10.3.3, v10.3.4, v11.0, v11.1, v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v10.3.3 |
v10.3.3, v10.3.4, v11.0, v11.1, v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v10.3.4 |
v10.3.4, v11.0, v11.1, v11.2,v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.0 |
v11.0, v11.1, v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2 v11.2.3, v11.2.3a |
v11.2.3a |
v11.1 |
v11.1, v11.2,v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2 |
v11.2, v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2 MU1 |
v11.2 MU1, v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2 MU2 |
v11.2 MU2, v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2 v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.1 |
v11.2.1, v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.1 MU1 |
v11.2.1 MU1, v 11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.1 MU2 |
v11.2.1 MU2, v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.2 |
v11.2.2, v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.2 MU1 |
v11.2.2 MU1, v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.2 MU2 |
v11.2.2 MU2, v11.2.3, v11.2.3a |
v11.2.3a |
v11.2.3 |
v11.2.3, v11.2.3a |
v11.2.3a |
ZENworks 11.2.3a includes the following new or enhanced features:
In ZENworks 11.2.3a, support for the following new platforms has been tested:
Windows 8, Windows 8 Enterprise (32 and 64-bit versions), and Windows Server 2012 Standard (as a managed device) with the following exceptions:
ZENworks Full Disk Encryption is not supported and will not be installed on a Windows 8 device.
ZENworks Endpoint Security Management Data Encryption policy is not supported and will not be enforced on a Windows 8 device.
ZENworks Imaging operations are not supported on the Windows 8 UEFI platform.
ZENworks Configuration Management Bundles shortcut icon does not appear in the ZENworks Agent start screen.
NOTE:Prior to installing the ZENworks Agent on a Windows 8 device, you need to install Microsoft .NET Framework 3.5 SP1. During installation you need to be connected to the Internet, irrespective of whether the .NET 3.5 SP1 installer is downloaded from the Microsoft site or whether it is installed as a part of ZENworks Agent installation. For more information, see Installing the .NET Framework 3.5 on Windows 8.
VMware VDI 5.1 with VDI Client 5.2
RHEL 5.9 and RHEL 6.3 (server and managed device).
Before upgrading from Windows 7 to Windows 8, the User Management component for the device should be set to the
state. After upgrading to Windows 8, the User Management component should be set to the state.NOTE:Skipping this step causes Windows to crash at the login screen so the user cannot log in to Windows 8.
Firefox 16.x, 17.x, and 18.x
NOTE:Internet Explorer 10 is not supported.
The following databases are now supported:
Microsoft SQL Server 2008 R2 SP2
Microsoft SQL Server 2008 SP2
ZENworks 11.2.3a includes the following new features:
This feature allows you to search for bundles or policies that are assigned for replication on provided content Satellite Servers or Primary Servers. In addition, it allows you to search for Satellite or Primary Servers that replicate a provided bundle or policy.
For more information, see Replicating Content to New Content Servers
in the ZENworks 11 SP2 Primary Server and Satellite Reference.
This feature allows you to set a location-based proxy for Windows, Linux, or Mac managed devices from ZENworks Control Center. This selection can be done at the network environment level, locations level, and also at the default zone, folder, or device levels. In addition, it allows you to set the CIFS Server share for downloading content from ZENworks Primary Servers and Satellite Servers.
For more information, see Defining Network Environments
and Creating Locations
in the ZENworks 11 SP2 Location Awareness Reference.
This feature reduces the potential traffic between the Primary Server and the Satellite Server. A Satellite, performing the Content role, replicates the content from other content servers through one of the following methods:
Using the Parent Primary Server Only
Using the Closest Content Servers First
Using the Closest Content Servers Only
For more information, see Tasks for Adding and Configuring Satellites in the ZENworks 11 SP2 Primary Server and Satellite Reference.
This feature displays the rate at which the Satellite Server should send the content to other Satellite Servers. The Satellite Server calculates different throttle rates based on the content request type and the content type throttle.
For more information, see Tasks for Adding and Configuring Satellites in the ZENworks 11 SP2 Primary Server and Satellite Reference
This feature immediately replicates the selected content on the current Primary Server or selected Primary Servers regardless of the configured replication schedule.
For more information, see Replicating Content to Primary Servers
in the ZENworks 11 SP2 Primary Server and Satellite Reference.
This feature enables you to cleanup the selected content from the current Primary Server or selected Primary Servers immediately, regardless of the cleanup schedule.
For more information, see Cleaning up Content from the Primary Server
in the ZENworks 11 SP2 Primary Server and Satellite Reference.
You can now choose the Location Awareness mode that the ZENworks Adaptive Agent uses to determine the location applied to a device. There are two Location Awareness modes:
Location Awareness Lite: The agent uses network information provided by the operating system. The ZENworks drivers are not installed.
Location Awareness: The agent installs ZENworks drivers to collect network information. The drivers provide more detailed information than the operating system, which enables the agent to make a more accurate determination of the location.
If ZENworks Endpoint Security Management is active in your zone (either licensed or in evaluation mode), the Location Awareness Lite mode is not enforced on devices on which the Endpoint Security Management Agent Feature is enabled. Endpoint Security Management requires the ZENworks drivers to be installed, so the ZENworks Adaptive Agent on Endpoint Security-enabled devices uses full Location Awareness mode even if the mode is set to Location Awareness Lite. For Location Awareness Lite to be enforced on a device, Endpoint Security Management must be disabled by one of the following methods: 1) not licensed in the zone, 2) not installed on the device, or 3) installed but disabled on the device.
You set the Location Awareness mode in ZENworks Control Center under
> > > .For more information see in the ZENworks 11 SP2 Location Awareness ReferenceZENworks 11 SP2 Location Awareness Reference.
For Novell Service Desk registration, you can now import the Novell Service Desk certificate by directly contacting the Service Desk server from ZENworks Control Center.
The Power Management policy provides advanced power scheme setting options that can be assigned to a device or a user.
For more information see, Power Management Policy
in the ZENworks 11 SP2 Configuration Policies Reference
.
Some of the issues identified in the initial version of ZENworks 11.2 have been resolved with this release. For a list of the resolved issues, see TID 7011295 in the Novell Support Knowledgebase.
Some of the issues that were discovered in the original shipping version of ZENworks 11 SP2 have not yet been resolved. For continuing issues, review the following Readmes:
The Readmes have been updated to indicate which issues are fixed by version 11.2.3a.
ZENworks 11.2.3a includes the following known issues:
Section 8.2, Location Awareness Lite is not enabled on existing devices
Section 8.4, The Startup location is not effective on Windows 8 devices after Fast Boot
Section 8.6, Seamless login is not supported on Windows XP devices in a VMware VDI environment
Section 8.7, Patch Management Scanning requires more scan time
Section 8.8, System update progress is not visible on Windows 8 and Windows 2012 devices
Section 8.9, System update status is incorrectly displayed as successful
Section 8.13, The Prompt action does not work when the prompt message contains text within braces
Section 8.14, Reboot and shutdown actions do not display the configured prompt message
Section 8.16, During the System Update the System Update hangs
Section 8.18, Yast Addon Signature Check Failed message appears
On a Windows 8, on which ZENworks Agent is installed, if you uninstall the ZENworks Agent, then all the files under the "\Windows\System32" folder might get deleted and the device might become unusable.
This issue occurs when the %systemroot% environment variable resolves to any string other than
:\Windows\(case-sensitive), where the system drive can be C,D or any other drive, depending on where the operating system is installed. For example, if system root is expected to be resolved as C:\Windows but it resolves to C:\WINDOWS or c:windows then the device might become unusable.Workaround: See TID 7014897.
Prior to 11.2.3a, the Endpoint Security drivers were installed with the ZENworks Adaptive Agent even if ZENworks Endpoint Security Management was not licensed in the zone or configured for installation to devices. The drivers were installed to support the agent’s location awareness functionality.
Starting with 11.2.3a, the drivers are installed on new devices only if 1) full Location Awareness is being used, 2) agent Self Defense is enabled, or 3) ZENworks Endpoint Security Management is installed.
During the update to 11.2.3a, if a device does not meet one of these three conditions, the Endpoint Security drivers are removed. Some of the drivers are removed after the first device reboot and the others are removed after the second. Until the second reboot occurs, the device does not use Location Awareness Lite mode.
The Roaming Profile policy does not work on Windows 8 workgroup devices and Windows 7 SP1 Operating Systems.
Workaround: None
When a Windows 8 machine is shut down, Fast Boot is triggered by default. As a result, the ZENworks Agent does not boot into the configured startup location and comes up with Closest Server Rules of the last known location, which might not be reachable.
Workaround: Perform a full shut down on the device by running the shutdown /s /f /t 000 command. The ZENworks Agent boots into the configured startup location when it restarts.
Upgrading a Windows 7 device to Windows 8 is not supported if the device has a ZENworks Endpoint Security Management Data Encryption policy or ZENworks Full Disk Encryption policy applied. The upgrade can place the device into an unknown state.
Workaround: Before upgrading the device to Windows 8, remove the Data Encryption and Disk Encryption policies from the device. Ensure that you give the device sufficient time to decrypt all encrypted files and volumes.
For information about removing a Data Encryption policy, see Removal Best Practices
in the ZENworks 11 SP2 Endpoint Security Policies Reference.
For information about removing a Disk Encryption policy, see Removal Best Practices
in the ZENworks 11 SP2 Full Disk Encryption Policy Reference.
Seamless login is supported on Windows 7 and Windows 8 but not on Windows XP managed devices in a VMware VDI environment.
Workaround: None
The improved Patch Management Scanning feature requires an additional 10 to 15 MB of content, and the scan time is increased by 2 to 5 minutes. This impacts all Windows versions, except Windows XP.
Workaround: None
When you perform a system update on a Windows 8 or a Windows 2012 device, the system update progress is not displayed as a notification in the Start screen.
Workaround: None
The system update status is displayed as successful even though the MSI fails to install on the agent devices, with the following error:
Line 864: ERROR;MSI_INSTALL_ERROR;novell-zenworks-fde-api-11.2.3.337.msi,1603; Line 2352: DEBUG;;;ZESM component state : FDE component state : enabled Line 2353: DEBUG;;;Install drivers state after reading ZESM/FDE component state : INSTALLDRIVERS=1
Workaround: None
A system update fails on a Windows 7 agent when both Full Disk Encryption (FDE) and ZENworks Endpoint Security Management (ZESM) are uninstalled from the server, and an agent update is initialized from 11.2.x to 11.2.3a.
Workaround: None
A system update on a Windows 2003 agent, with default settings, fails when an agent update is initialized from 10.3.4 to 11.2.3a.
Workaround: Assign the MS Hot Patch before assigning the system update to the Windows 2003 managed devices.
A Satellite device has a startup location defined that does not have any Closest Server Rule. At the end of the startup period, the Satellite does not use the correct calculated location, and cannot replicate content.
Workaround: Configure the Satellite device to not use a startup location, and refresh or restart the device.
For more information, see TID 7011928 in the Novell Support Knowledgebase.
If the prompt message for a bundle contains text in { } (braces or curly brackets), then the prompt is not displayed.
Workaround: In the prompt message, use a another character instead of the brace.
For more information, see TID 7012014 in the Novell Support Knowledgebase.
When you use a Shutdown or Reboot action in a bundle, or a Quick Task to shutdown or reboot a device, if the prompt contains text in { } (braces or curly brackets), then the specified prompt is not displayed, and the shutdown or reboot message defaults to the generic message.
Workaround: None
For more information, see TID 7012015 in the Novell Support Knowledgebase.
When you create a deployment task for a Window 8 device, in the Metro view, the install prompt message is not displayed. The agent installation is triggered after the installation prompt times out, without any prior notification. When the permission prompt times out and the agent install starts, if you switch to the Classic view, the pre-agent install status icon also crashes and the agent installation status is not seen either in the Classic or the Metro view.
Workaround: None. The prompt is displayed if you are in the Windows 8 Classic view.
On a Windows operating system where ZENworks Reporting Server (ZRS) is installed, it has been observed that the CMS.exe from ZRS consumes most of the CPU memory and causes the system update to hang.
Workaround: Stop BOE120MySQL and the Server Intelligence Agent (ZRS) services. After the system update is complete, restart the ZRS services and run the novell-zenworks-configure -c UpdateBOE command.
During the upgrade of a ZENworks agent to version 11.2.3a, MSI packages may fail with the following error: This installation package could not be opened.
Workaround: Redeploy the System Update to the device.
For more information, see TID 7012125 in the Novell Support Knowledgebase.
While installing ZENworks Agent through Yast Addon, though it is signed, the Signature Check Failed error message appears.
Workaround: Ignore the Signature Check Failed error message and continue with installation.
For more information, see TID 7011297 in the Novell Support Knowledge.
On an RHEL-5.x server, if the size of the system update zip file is more than 2 GB, unzipping does not work, and you cannot import the system update by using the zman sui command.
Workaround: Perform the following steps:
Navigate to the Red Hat vvitek directory.
Install unzip-5.52-3.0.bz497482.el5_7.i386.rpm on the RHEL 5.x server.
Run the rpm -Uvh unzip-5.52-3.0.bz497482.el5_7.i386.rpm command.
Run the zman sui <zip file path> command.
A Dynamic Local User (DLU) policy, Windows Group policy, and Roaming Profile policy cannot be used on a device that has Citrix XenApp 6.5 installed because when you launch the Citrix session through a browser, the Novell client login is not involved.
Workaround: None
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to the Novell International Trade Services Web page for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2013 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
For Novell trademarks, see the Novell Trademark and Service Mark list.
All third-party trademarks are the property of their respective owners.