Novell's zero effort networks solution

Novell's NetWare 5 release introduced the company's entry in the zero administration marketplace—Zero Effort Networks (ZENworks—known as Z.E.N.works until recently). NetWare 5 includes the ZENworks Starter Pack, which is distinct from the more comprehensive ZENworks package. You can find information about the installation process for the new Novell client and the ZENworks Starter Pack in "Novell's New NT Client," July 1999. Also, you can read more about Novell's latest version of ZENworks in the sidebar "What's New with ZENworks 2?" page 80.

In this article, I cover some of the features of the full ZENworks package in detail for organizations committed to the Novell Directory Services (NDS) environment. The ZENworks package includes five free licenses for Greenwich Mean Time's (GMT's) Check 2000. This software lets administrators monitor Year 2000 (Y2K) compliance on every workstation on their network.

What Is ZENworks?
Novell bundled the NetWare Application Launcher (NAL), Workstation Administrator, and Remote Control Administrator products together and called the resulting product ZENworks. NAL implements what Novell calls a just-in-time (JIT) application-distribution solution. This solution gives users at workstations almost instantaneous access to the applications they request.

Workstation Administrator stores configuration parameters in NDS for individual workstations. These parameters include hardware and software specifications, printer settings, and policies. Using these parameters, Remote Control Administrator can aid Help desk personnel and administrators in reducing the time it takes to resolve workstation problems. If the problem is software-related, an administrator can correct the problem remotely through NDS.

ZENworks' Inventory Feature
Using ZENworks, NDS maintains a workstation object for every PC on the network. The ZENworks Inventory feature gives you a complete hardware and software inventory, and memory and environmental information for all managed workstations. Centralized database support gives you quick access to inventory information with the ability to query the database from the console. You can generate predefined reports through the Tools menu in NetWare Administrator. By querying NDS through the ODBC interface, you can get reports on the types of processors (e.g., 386, 486, Pentium) and the amount of RAM each workstation is using.

Platform-dependent scan programs gather software and hardware information from each workstation. The NetWare server's SYS:\Public\ZENworks directory contains two inventory scan programs: Ntscan32.exe scans Windows NT workstations over IP or IPX, and winscan.exe scans Windows 9x computers over IP or IPX. The Scheduler lets you set up event scheduling and the scanning time and frequency. The Scheduler doesn't automatically update Inventory information as changes occur; you must periodically run the inventory scanner to check for updates on managed workstations.

To do a workstation inventory, first set up a workstation inventory collection. To do so, register and import each workstation to create workstation objects within NetWare Administrator. You can define how NDS will name the workstation objects when it creates them. You can also choose from multiple options for naming the workstation. For example, you can give the computer object a combination of the computer name and username. You can choose from the following for naming the workstation:

  • Computer: The Windows computer name for an NT or Win9x workstation.
  • Container: The place where an object resides within NDS.
  • CPU: The CPU type that resides in the workstation.
  • DNS: The DNS name, which is the logical name related to the IP address.
  • Network Address: The workstation network address—either the media access control (MAC) portion of the IPX address or the IP address that the preferred network address specifies.
  • OS: The workstation's OS (NT, Win9x, Windows 3.1).
  • Server: The workstation's preferred server.
  • User: The name of the logged-on user.
  • <User Defined>: User-defined names using characters that are valid in a Directory Service (DS) object name.

First, create a workstation policy package to enable the workstation inventory policy. Then, associate the policy package with the workstation objects you want to inventory.

Finally, you're ready to conduct an inventory of the workstations. From within NetWare Administrator, select Details for the Workstation Policy Package. Then, check the Workstation Inventory box. Edit the Policy Schedule to make any necessary changes in scheduling for the inventory scan program. The inventory database stores the frequency information for hardware and software scanning. Software scanning takes longer than hardware scanning, so you might not want to scan for software as often as for hardware.

The predefined list of hardware components that the scan inventories includes disk drives, hard disks, BIOS, buses, mouse devices, keyboards, display adapters, network cards, memory, serial ports, and parallel ports. The hardware and software information resides in the ZENworks inventory database, zeninv.db. The SYS:\Zenworks\ Database directory on the NetWare server stores zeninv.db.

The software scan checks for applications on workstations, reports information about the scanned software—such as the name and version of the software and the file size of the scanned application files—and collects configuration file information to report the contents and details of the system files. To enable the software scan inventory feature, set up a Software Scan Policy within NetWare Administrator. The scan policy lets you customize the scanning of workstation applications. The Software Scan Policy displays the list of applications the inventory feature will scan according to the applications you select in the Software List Editor. You can find the Software List Editor in the Software Scan Policy.

The Software List Editor contains a predefined software list of up to 6000 software applications. The Software List Editor maintains this list in a text file, ldappl.ini. Novell advises administrators not to risk corrupting the ldappl.ini file by manually editing it. Instead, use the Software List Editor to modify the settings of this file. In the Software List Editor window, select the applications you want the Software Scan Policy window, which Screen 1 shows, to display. The file extensions you specify in the Software List Editor will determine the types of files the inventory feature will scan on the managed workstations. By default, the Software List Editor lists applications by their product names. You can use the File name view option to list applications by filename.

Remote Control Features
The Remote Management console components centralize administration of managed workstations. Remote control lets Help desk employees spend less time at user workstations and more time resolving workstation problems. Only authorized employees can control machines remotely; the security features for the remote control components don't allow unauthorized access. These features include NDS rights, the remote management policy, and remote management settings on workstations and user objects. The console operator must have write rights on the applicable workstation object in NDS. Also, the target workstation or the user logged on to the target workstation must have an effective remote management policy in place. You can run remote sessions in the background so that end users don't know they're running.

The NetWare Administrator runs the Remote Management console. The console components include the following:

Remote Control. You can remotely control a workstation from the NetWare Administrator console. You'll see the Remote Control window, which Screen 2 shows, superimposed on the NetWare Administrator window. Remote Control lets administrators or Help desk personnel remotely manipulate the workstation screen with a mouse and a keyboard. This feature is valuable when a user needs help with software features. The console operator can explain the process and offer a visual demonstration onscreen at the same time. This feature also lets the console operator or the user duplicate workstation error situations for the operator to analyze.

Remote View. The Remote View component lets you view a workstation screen; however, you have no mouse or keyboard capabilities. You use this feature to troubleshoot problems a user has encountered. For example, you can view error messages at the workstation. If a user is having difficulty with a certain task, you can observe the user's actions and walk the user through the task.

Remote Execute. This component lets you execute any program on a remote workstation from the console. Remote Execute is a great troubleshooting tool that can help you recreate error messages a user is seeing. You run the application by specifying its path and name in the Remote Execution window. If the application or parameter includes a space character, you must enclose the space with quotation marks.

File Transfer. File Transfer lets you perform file operations between the console and any managed workstation. You can move, copy, rename, or delete files, and create directories. The File Transfer window lets you view the properties of files and directories on the console and the workstation. The property values include the date and time of file creation and the file size. You must load srvftp32.exe on NT and Win9x workstations to perform a File Transfer operation.

Ping. The Ping test determines whether Remote Management is loaded on a managed workstation. Ping transmits to the workstation and tracks the response to verify the connection. This response displays in the Ping Remote Management window. Ping and Remote Management both work on either IP or IPX.

Diagnostics. Diagnostics shortens problem-resolution time by making technician visits to affected workstations unnecessary. You get realtime information to aid the diagnosis of workstation problems. You can access the following diagnostic information for NT and Win9x managed workstations: Windows Memory, Environment, WIN32 Processes, WIN32 Modules, NetWare Connections, Novell Client, Network Protocols, Name Space Providers, Network Drives, Network Open Files, and Print Capture. In addition, you can view Event Log, Device Drivers, and Services List diagnostic information for NT workstations. The diagnostics information for workstations transmits on IP, but not IPX.

Chat. The Chat component is a realtime messaging tool that lets an authorized administrative employee communicate with a user at a managed workstation, as Screen 3 shows. The workstation must have the appropriate Chat and Remote Management files to communicate with the console operator. The Chat programs for NT are wuser32.exe and wtalk32.exe. On Win9x workstations, the files are zenrc32.exe and wtalk32.exe. The workstation user must accept the chat session for the session to commence. A nice feature of the chat component is that you can copy information into the chat window to aid in problem resolution.

You need to do a few things before you can use Remote Management. First, you must register each workstation in NDS. Second, you must establish an effective Remote Management policy for each workstation, as Screen 4 shows. Third, make sure you're running Remote Management on each workstation. You can choose from three Remote Management agents; select the one that's appropriate for each workstation's OS. The agents are RemoteNT for NT machines, Remote16 for Windows 3.x machines, and Remote32 for Win9x machines. You run the Remote Management components by selecting the ZENworks Workstation Remote Management option from the Tools menu in NetWare Administrator.

Novell advises that you can install the 16-bit agent, Remote16, on Win9x workstations if you need the full-screen DOS box view. However, the company cautions that Remote16 responds to only IPX remote management requests, is unstable with the WINSOCK2IP stack, and doesn't support advanced video cards, LAN adapters, and workstations.

Make sure you disable screen savers during Remote Management sessions. If a screen saver activates on the workstation you're accessing remotely, the session might terminate. If a 3-D screen saver activates on the target workstation, the console window will display only a blank screen.

Software Distribution Through SnAppShot
SnAppShot 3.0 creates an application installation template. NetWare Administrator uses this template to create a new application object. SnAppShot creates the object template as an .aot or .axt file. Although NetWare Administrator doesn't need an .aot or .axt file to create an application object, these files make the process easier. Novell suggests that you create the template on a computer that is representative of the workstations on which you will install the application.

SnAppShot contains three executable files. Novell recommends that you always run snapshot.exe, regardless of the platform. Novell refers to snapshot.exe as a wrapper executable program. Wrapper programs sense the platform in use and execute the appropriate executable. Snappe32.exe runs on NT workstations, and snappe16.exe runs on Win9x workstations.

SnAppShot discovers the changes an application installation makes to a workstation—such as Registry alterations and the files the application installs. If the software requires a reboot to finish the installation, snAppShot recognizes this requirement, continues with the installation after the reboot, and generates the template file.

SnAppShot creates the installation template by first storing information about the workstation's preinstallation configuration. The feature prompts you for the location of the installation files and asks where you want them to reside on the workstation. SnAppShot then performs the installation on the computer.

Next, snAppShot notes the workstation's postinstallation configuration and compares it with the preinstallation configuration. The feature then stores all configuration differences in the object template file (i.e., .aot or .axt), as Screen 5 shows. SnAppShot uses this template as a foundation to create the application object in NDS. The template file stores information about files and folders, Windows shortcuts, .ini files, system configuration files, and Registry elements that pertain to the installation of the new software.

To create the application object, run the Application Object Wizard. The wizard walks you through creating the application object with the .aot or .axt file, browsing for the desired .aot or .axt file, and entering the object name of the application object in the Object Name text box. Double-check the source and target directories of the application object. Review the information about the application object, and make any necessary changes. To access the property pages of this object, select Display Details after Creation.

Self-Healing Applications
When an application fails to launch, ZENworks automatically offers the Verify option to the user so the user can recopy any missing files. The Verify option compares items such as files and Registry entries on the workstation's hard disk to the corresponding items in the application object. ZENworks pushes only the missing files and Registry changes to the workstation.

This process saves time for Help desk employees and users. Users can skip the interrogation about what they did to change the system, and they don't have to wait until someone can visit their workstations to reinstall software. Help desk employees don't need to spend time analyzing what happened to users' workstations.

NAL must deliver self-healing applications for the applications to self-heal. ZENworks can't automatically deliver missing files for applications you install directly on the workstation without using NAL.

Powerful Help for Administrators
ZENworks offers many features to assist with the day-to-day problems of overseeing a large enterprise network. Components such as Software Metering and Distribution, Trouble Ticket configuration, and Desktop Y2K preparation through integration with Check 2000 help keep the network in compliance with company policies. In the long run, the time you save with components such as self-healing applications and remote control access to workstations will more than pay for the cost of installing the ZENworks package.