Wikis - Page

Deploying Novell SecureLogin Using Advanced Options With ZENworks Configuration Management

0 Likes

This article describes some advanced options for installing Novell SecureLogin (NSL) client using a ZENworks Configuration Management bundle.


- Silent installation with MSI install parameters. (without responsefile)

- Installing with MST (transform) file – for languages other than english.



Authors:

Gaurav Vaidya

Shashikala BV



Table of Contents


1. Assumptions

2. Problem Statements

    2.1 Silent Install for NSL with MSI Install Parameters

    2.2 Installing NSL in Language other than English through ZCM

3. Using MSI Install parameters of NSL with ZCM

    3.1 Introduction to NSL MSI Install Properties

    3.2 Installing NSL through ZCM using MSI install properties

    3.3 Sample Combinations of parameters for NSL deployments

4. Performing Non-English Installation with ZCM

    4.1 Introduction to MST files

    4.2 Using MST files for installation through ZCM

5. Conclusion



1. Assumptions



It is assumed for this document that the Novell SecureLogin version is 7.x and the ZCM version is 10.x. ZCM server is already deployed and agents are also configured.



This document describes all the necessary steps required for deployment with ZCM.


ZCM deployment is available (both server and agents).



2. Problem Statements



2.1 Silent Install for NSL with MSI Install Parameters



Novell SecureLogin silent installation can be performed in two ways – (1) by using Responsefile.ini which can be either obtained by doing a manual installation of the product once OR using some responsefile generator script. (2) otherwise one can use MSI install parameters for NSL to specify the installation options.

Option (1) may become tedeous if the administrator requires different types of installation across the organization and also with respect to distributing responsefile.ini with each install bundle. Using option (2) provides flexibility to administrators for specifying and maintaining silent install parameters as needed.



2.2 Installing NSL in Language other than English through ZCM



For NSL versions prior to 6.1, users were prompted for a choice to select the installation language during installation. In the current version of NSL, the user is not given any option to select the install language and the installation proceeds with default English language. However NSL provides an option to use supplied MST (Transform) files to customize the installation language. This can also be achieved while distributing the NSL package through ZCM.



3. Using MSI Install parameters of NSL with ZCM



This section describes the steps needed to deploy the Novell SecureLogin client silently on the end user devices without having a need to generate a Responsefile.ini. This can be achieved through using MSI install parameters supported by Novell SecureLogin in conjunction with the feature provided by the ZENworks Configuration Management bundle.



3.1 Introduction to NSL MSI Install Properties



MSI installer properties are global variables that are used in configuring the installation. Typically these Property-Value pairs are used during command line installation for packages or to carry out silent installation. Novell SecureLogin provides multiple install properties for customizing the installation through MSI. Following are the most commonly used NSL install properties:





Property

Values

Description



X_INSTALLTYPE

EDIR

LDAP

MAD

ADAM

STANDALONE

This parameter defines the location where SecureLogin will store data.



LDAPMODE

GINA

CRED

APP

This option, LDAP is choice of communication protocol for both eDir or non-eDir data stores. This option specifies when SecureLogin will try to login to the data store.



LDAPSERVERADDRESS

<server ip>

Used to specific LDAP server address in all LDAP modes.



LDAPPORT

<port number>

Used to specific port to be used for LDAP server.



SW_INST

Yes

Used to enable installation of Secure Workstation.



X_INSTALLADMIN

Yes

Install slmanager on client.



X_INSTALLCITRIX

Yes

Install Citrix support.















There are some properties which are applicable only when X_INSTALLTYPE is EDIR. These properties should not be defined for any other data store.





Property

Values

Description



PROTOCOLFOREDIR

LDAP

NDS

In case Install Type is chosen as EDIR, the protocol for communicating with eDirectory has to be specified.



IS_SECRETSTORE

1

0

Specifies if the client-server shall use SecretStore or Not (To provide additional layer of security for NSL Data)



NMASCLIENT

1

0

Specifies if NMAS methods are to be supported, by installing NMAS client.















There are many other install parameters supported by Novell SecureLogin. For the complete listing refer to the SecureLogin Install guide at the Novell product documentation site.



3.2 Installing NSL through ZCM using MSI install properties



For larger deployments administrators typically provision the SecureLogin package on end user devices through applications like ZCM. The process of deploying NSL without using a Responsefile (and using MSI install properties is as follows)





  1. Login to ZENworks Control Center and open the "Bundles" page








  • Configure Bundle Details, for example use a bundle name such as "NSL-Non-English"






  • Select & Add the MSI file for the NSL installer, configure the installation parameters as required by the installation (for providing installation without GUI, specifying no reboot after install etc.)






  • Configure MSI installation parameters for the created bundle by adding all the desired parameter / value pairs in the Bundle option.






  • If nothing else is to be configured then go through the next 3 pages by clicking "Next", "Next" & "Finish", to complete creation of the bundle


  • Assign the bundle to devices or users and configure Distribution and launch schedules, as required.



  • Go to the end user device where the bundle is assigned and verify.




3.3 Sample Combinations of parameters for NSL deployments



Following are sample combinations of a typical set of Install properties to be configured for various SecureLogin installation types.



To deploy SecureLogin with eDirectory in LDAP-GINA mode with SecureWorkstation, use the following options:





Property

Value



X_INSTALLTYPE

EDIR



PROTOCOLFOREDIR

LDAP



LDAPMODE

GINA



LDAPSERVERADDRESS

<Server.IP.Address>



LDAPPORT

<Port>



XW_INST

Yes












To deploy SecureLogin with Active Directory in LDAP - Credential provisioning mode with Citrix support, use the following options:





Property

Value



X_INSTALLTYPE

MAD



LDAPMODE

CRED



LDAPSERVERADDRESS

<Server.IP.Address>



LDAPPORT

<Port>



X_INSTALLCITRIX

Yes













4. Performing Non-English Installation with ZCM








Note: Though for the purpose of illustration we have considered Novell SecureLogin package to demonstrate this ZCM feature. This can be applied to other applications as well which provides different language options through MST files.


As mentioned above from NSL version 6.1 onwards, users are not given option to select the language during install and the install always proceeds with the default language as English. But there are means by which the default installation language for NSL installation could be changed – using MST files.



Novell SecureLogin is shipped with 5 MST files bundles with the build. This can support 5 additional install languages other than English. Each MST file is named as Language code which denotes the following:



1041 - Japanese language

1036 - French language

1046 - Brazilian language

1031 - German language

1034 - Spanish language



4.1 Introduction to MST files


A transform file (.mst) is used to specify a set of modifications to be performed while deploying a MSI file. It passes customized configuration settings to the installer package. One of the applications of transforms is to support multiple national languages. This is what is utilized by Novell SecureLogin to support multiple language install.



If one is installing the SecureLogin client manually, the transform files can be used through command line options.



msiexec.exe /i "Novell SecureLogin.msi" TRANSFORMS=<lang-code>.mst



Note: <lang-code> denotes a specific language, as mentioned above in Section 4.




4.2 Using MST files for installation through ZCM



As stated earlier for larger deployments administrators typically provision the SecureLogin package on end user devices through applications like ZCM. Now if they want to provide a customized installation language for end users using MST files, it can be a achieved through ZCM as follows:



Follow the steps 1 to 7 as mentioned in Section 3.2 and continue with the following steps:




  1. Configure the MST file for the language of your choice.





  • If nothing else is to be configured then go through the next 3 pages by clicking "Next", "Next" & "Finish", to complete creation of Bundle.

  • Assign the Bundle to devices or users, as required.

  • Go to the end user device where the bundle is assigned and verify the language option.



5. Conclusion



ZENworks Configuration Management (ZCM) provides easy options to perform NSL client deployments without using a Responsefile and applying Language transform for non-English installations.

Tags:

Labels:

How To-Best Practice
Comment List
Related
Recommended