Imaging Server Policy

ZENworks for Desktops 4 can image a workstation and then apply that image back to the original workstation or to other workstations. See Chapter 14, "Imaging a Workstation," for more detailed information on the functionality of the ZENworks for Desktops 4 imaging system.

The placement of an image associated with an image object in the directory onto a workstation can occur three ways in ZENworks for Desktops 4.

  • Booting the workstation with two floppy disks that communicate with the imaging agent on the server.

  • Placing a special boot partition on an unregistered workstation that communicates with the imaging agent on the server.

  • Placing a special boot partition on a registered workstation and setting the Put an Image On This Workstation On the Next Boot field in the workstation object. (In this case, the image is determined by an image association or the rules in the Workstation Imaging Policy; see Chapter 9, "Setting Up a Workstation Policy Package," for more details.)

Each of these ways results in the workstation being imaged with the image associated with the workstation, or determined by the imaging agent that resides on the server. The workstation finds the imaging server from the information the administrator specifies either from an IP or a DNS name for the server. This information is saved on the disks or in the special boot partition.

The imaging policy becomes effective when the workstation is not associated with a workstation object. Because no image is associated with the specific workstation, the imaging server must determine, based on rules, which image to place on the workstation.

This policy enables the administrator to create a set of rules that can govern when a particular image should be used, based on some basic information from the workstation. The imaging server follows the list of rules in the policy until one of the rules is satisfied. The rule that is satisfied results in an associated image that is then applied to the workstation.

The NDS Rights, Other, and Rights to Files and Folders pages are described in the "Setting Up a Server Policy Package" section.

Imaging Partition

The Imaging Partition page allows you to disable the ZENworks imaging partition if it exists. This is useful when you want to disable imaging because it there is no active imaging occurring on the workstation. For example, you have a one-time image that is applied to a workstation annually in January. You need the partition to remain intact, but you can disable it the rest of the year.

PXE Settings

Now that ZENworks for Desktops ships with PXE-enabled software, you can also set the PXE settings for deploying any images. Novell now recommends that the Linux partition on the workstation be removed. Customers should move to the PXE method of image deployment. You can determine whether the PXE menu should appear automatically when PXE is launched and you set the values that appear on the menu.

A PXE menu will display, for example, whether to receive or to take an image.

Rules Page

This page enables the administrator to input the rules and associated images that the system uses to determine the image to place on a specific type of workstation. Figure 12.6 shows a sample of this page.

Figure 12.6. Rules page for a sample Imaging Server Policy of a Server Policy Package.

graphics/12fig06.gif

You must first press the Add button to add rules to the list. Once you have added several rules, you can then select a specific rule and change its order in the list, look at its properties, or remove the rule. When you press the Add button, the following screen is displayed (see Figure 12.7).

Figure 12.7. Add rule dialog box for a sample Imaging Server Policy of a Server Policy Package.

graphics/12fig07.jpg

You first press the browse button next to the Use this Image field to browse to an image object in the tree that is associated with an image file on the image server. Once the image object is selected, you can identify the rule that is associated with this image. You can have six key/value pairs at one time.

In the middle of the dialog box, note the six potential equations that you can generate to determine whether the image should be used. The equation is made up of a series of True/False statements that are strung together with AND and OR logic. You construct the statement by filling in the drop-down statements. (The resulting statement is displayed in a more English-like view.)

The logic of the AND and OR operators is strictly left to right in the equation. In the Rule Description box parentheses are added to the equation to help the administrator understand how the rule is evaluated. You cannot insert the parentheses; they are automatically inserted as part of the explanation of the equation and are not under user control.

You first select the key you want to examine by selecting the key via a drop-down dialog box. The keys that you can choose from are the following:

  • Chipset This displays the reported processor. An example is Genuine Intel Mobile Pentium MMX 233 MHZ.

  • Video This captures the type of video adapter that is in the workstation. An example of this would be Trident Cyber9397 (rev 243).

  • Network This is the network adapter for the workstation. An example would be 3Com.

  • Sound Card This is the sound card that has been reported. Often this field results in no sound card being detected. This is because the system sends out a PCI request; if no sound cards respond, you get this even though a sound card is present.

  • Hard Drive Controller This is the type of hard drive in the system. If the hard drive is an IDE device, the value for this field is IDE. If the hard drive is a SCSI device, you get the reported name of the device, such as FUJITSU MHJ2181AT.

  • MAC Address This is the MAC address of the network card. An example of this value is 00 60 80 03 C2 E7.

  • IP Address This is the assigned IP address of the workstation. This is reported as the traditional 137.65.237.5.

  • Hard Drive Size This reports the disk size in number of megabytes. Therefore, an 8GB hard drive would be reported as 8192MB. The imaging system might not always report the full disk capacity. Use a wide boundary when generating your rules. For instance, if you want to look for an 8GB drive, use the statement Hard drive size > 8000 MB.

  • RAM This is the reported amount of RAM in megabytes. This is reported as 64MB. This field also might not always report the exact amount of RAM space that you would expect on your workstation. It is advisable that you use a wide boundary when generating your rules. If you want to look for 16MB RAM, for example, use the statement RAM > 15MB.

When the workstation is booting the imaging system, it is in reality booting up the Linux operating system and running the tools that are included in the imaging system. The values for the keys described previously are values that the Linux system can report to the software. In order to discover what a system reports to Linux, you need to boot a sample workstation with the Imaging system boot disk and run the Img information command. This displays the information that is sent to the image server about the workstation. This information is the data values that you put into the key comparison equations for your rules. You can also get this information from an image by opening the image in the ZENworks image editor and choosing properties on the image root. See Chapter 14, for more detailed information on the functionality of the ZENworks for Desktops 4 imaging system.

The next part of the equation specifies the operator. Two types of operators exist: string and integer operators. The hard drive size and RAM fields are treated as integers, whereas all of the other fields are treated as strings where a case-insensitive string compare is done to determine operator results. The string operators are contains, doesn't contain, begins with, and equals. The integer operators are =, <>, >, >=, <, and <=.

These operators perform expected comparisons between the key value supplied by the workstation to the imaging server and the value that you place into the value field of the equation. The following meanings are placed with each operator:

  • Contains The specified value is a substring anywhere in the reported value.

  • Doesn't Contain The specified value is not equal to or contained in the reported value.

  • Begins With The specified values are represented in the initial character of the reported value.

  • Equals The specified value is the same as the reported value.

  • = (equals) The specified value is numerically equivalent to the reported value.

  • <> (not equal) The specified value is not equal to the reported value.

  • > (greater than) The specified value is greater than the reported value.

  • >= (greater than or equal to) The specified value is numerically equal to or greater than the reported value.

  • < (less than) The specified value is less than the reported value.

  • <= (less than or equal to) The specified value is numerically less than or equal to the reported value.

The next field in the operation is where you enter the value that you want to compare. The far right field enables you to extend the operation to additional key/value comparisons. Your choices currently are AND and OR.

The Boolean operators are evaluated strictly from left to right. For example, if the following rules were entered into the policy, the resultant evaluation would be (hard drive < 600MB AND RAM < 16MB) OR (RAM > 31MB).

  1. Hard drive size >= 600MB AND

  2. RAM < 16MB OR

  3. RAM > 31MB

This would result in giving the image to any system that has a disk smaller than 200MB with less than 16MB of RAM. This would also give the image to any system that has more than 31MB of RAM regardless of the size of the hard drive.

You can view the precedence of the equation, complete with parentheses, on the bottom half of the screen as you introduce new key/value pairs into your rule.

Once your set of key/value pairs has been entered and you have reviewed your equation at the bottom of the screen, you press the OK button to include the rule into the imaging system, and you are returned to the original Rules page with the rule that you had entered on the screen.

Once again, from this page, after you have entered some rules you can then specify the order in which the rules are evaluated. After selecting a rule you can move that rule in the order by pressing either the Move Up or the Move Down buttons. As the imaging server is evaluating the rules, the first rule that results in a TRUE evaluation results in that image being supplied to the workstation.

Multicast

This page allows you to specify whether the imaging server determines whether the workstation should take part in a multicast session prior to checking the image selection rules within this policy. If the check box is checked, the imaging server will check the image selection rules prior checking its multicast sessions.

NOTE

This check box will have no effect on workstations configured to serve as session masters, because that role takes priority over any other imaging setting.


Image-Safe Data Page

The Image-Safe data page is composed of three pages. These pages represent information and data that is placed or retrieved from the system regardless of the image that is used. The following depicts the pages that are available by selecting the small triangle drop-down menu on the tab.

The Image-Safe Data agent can be placed on the workstation. This agent has the responsibility of moving data between a special sector on the disk that is used to store configuration information such as IP address or DHCP configuration along with workgroup information. This information on the disk is not affected by an image taken or placed on the drive.

When the Image-Safe Data agent runs on the workstation it makes sure that the information in the special sector and the operating system are synchronized properly. For example, following an image placement, the agent moves the data from the disk into the operating system, setting up the DHCP and computer name. On a workstation that has not just been imaged the agent moves the information from the operating system into the sector on the disk so the data can be restored should a new image be placed on the drive. Should the agent not run, the workstation would be an exact mirror of the image (with the same IP and computer name configuration).

The Image-Save Data configuration page enables the imaging server to pass this configuration information to the agent via this disk sector.

IP Assignment Log Page

The IP Assignment Log page displays the IP addresses that the imaging server has assigned to any imaged or re-imaged workstations. The set of available IP addresses can be set in the IP Configuration page.

The IP Assignment page displays the log of the assigned addresses.

This page can also be used to place an IP address back into the pool of available addresses. If you have an address that you want to place back into the pool, you can select it in the log list and then press the Remove button.

WARNING

When you remove a specific IP address it might not be properly represented in the IP Configuration range and therefore cannot be reused.


If you have specified a range to be the set of IP addresses that you will make available for workstations, when the imaging server uses a portion of the range (at the ends), the range is refreshed on the configuration page. For example, if the range 123.65.234.1 … 123.65.234.100 were in the configuration and IP address 123.65.234.1-10 were assigned, the range would be changed to 123.65.234.11 … 123.65.234.100. Consequently, when you go to the log page and free up IP address 123.65.234.10, the range is not reconfigured and the freed IP address is not reassigned. You must manually go to the configuration page and modify the range to include the addresses that you have freed.

IP Configuration Page

The IP Configuration page enables you to specify whether the workstations that are imaged by the imaging server will obtain their IP address from a DHCP server or via a static assignment that is done as part of the imaging process.

If you select the DHCP option, the windows system gets the IP addresses from a DHCP server. If, however, you select that you want to specify an IP address, the other fields on the page are activated.

To specify a static IP address, you must first enter the subnet mask and default gateway that you want all of your imaged workstations (imaged via the image server using this particular policy) to receive. You must also specify the range of IP addresses that are used by the imaging server and assigned uniquely to each of the imaged workstations. You specify the set of IP addresses by using the Add and Add Range buttons.

When the imaging server receives a request for an image, the IP address information is transmitted and assigned to the workstation. That address is then logged in the imaging server and not reused for another workstation.

To remove any address or ranges from the possible set, select the item and press the Remove button. These addresses will no longer be in the pool of available addresses for the imaging server to assign.

Windows Networking Page

In the Windows Networking page, you can specify the computer name for the workstation and the workgroup for the system.

The computer name prefix that you enter in the field (maximum of seven characters) is prepended to a randomly generated set of characters and numbers to construct the final 15-character computer name for the workstation.

The Make the Computer a Member of the Following field enables you to specify the workgroup that you want for the workstation. You select which you prefer by selecting the field and entering the workgroup name.

DNS Settings

This page allows you to specify the DNS suffix and name servers used by this policy. Simply type the suffix you want to use and then click the Add button to specify the addresses of name servers. It is important to use the correct suffix and name servers for the ZENworks for Desktops imaging engine to process imaging operations on a workstation.

Security Page

As part of the imaging system, you can request that the workstation have an image taken of itself and placed onto the server. This is done by checking some fields in the workstation object (See Chapter 14, for more details), which causes the workstation to take an image of itself on its next reboot.

When the workstation takes an image of itself, or when an image is taken when a request is made through the Linux boot system, the image is transmitted to the image server. This image server then receives the .ZMG file and places it in the path that was specified. To protect the system from overwriting any files or by having users place the image files into inappropriate directories, the imaging server takes the information in the security page and restricts the placement of the image files.

When you check the Allow Imaging to Overwrite Existing Files When Uploading option, you are enabling the system to overwrite any files that have the same name as the one specified by the user, with the name of the image file.

The Restrict Uploads to the Following Directories check box activates the requirement that all requested uploads must specify one of the directories identified. If the directory portion of the destination path, specified by the user, does not match one of the directories specified in the list on this page, the request to store the uploaded image is refused. To add paths to the list of accepted destinations, press the Add button and enter in the path that is acceptable.

Paths in the directories can be one of the following formats:

Driveletter:pathVolume\pathNTShare\path

The system does not, for example, take any UNC path. When the user enters the location of the file, this information transmits to the imaging server, and the server compares the directory portion of the path given with all of the strings in this list. If a match occurs (that is, the directory is listed), the operation is accepted and the image is taken and stored; otherwise, the operation fails and the image is not taken.



Novell's ZENworks for Desktops 4. Administrator's Handbook
Novell ZENworks for Desktops 4 Administrators Handbook
ISBN: 0789729857
EAN: 2147483647
Year: 2003
Pages: 198
Authors: Brad Dayley

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net