Migrating SEC 5.4.0 from Server 2008 R2 to Server 2016

Hello All,

I just started the migration process using the recommended guide and it wants me to backup everything in the folder C:\Program Files (x86)\Sophos\Enterprise Console (on the existing server) using command prompt and the DataBackupRestore.exe utility. When I went to check what was in that directory, it was only an application called ObfuscationUtil.exe.

 

Is this particular step necessary for the migration process since the DataBackupRestore.exe utility isn't there or any other files?

 

Thank you

Jeremy

  • Hi  

    The Sophos Enterprise console version 5.4.0 has already been retired. Please check this link for more information. I would recommend you to upgrade to the latest version, you may check this article for possible upgrade paths. After upgrading to the latest version, you may follow this migration guide which will help you for the server to server migration of Sophos Enterprise console. 

  • Hi Jeremy,

    The DataBackUpRestore.exe utility backs up all the required data including registry keys and databases so they can be imported to your 2016 server.  If your (x86)\Sophos\Enterprise Console folder is empty, it might be that the software was installed into a different location.  You can find out where the utility should exist by opening up services.msc on the server and right clicking Sophos Management Service > Properties > Look at the path to executable.

    I'd advise upgrading to SEC 5.5.1 before performing the migration as this would be the best time to do it.  When you perform the migration, both servers must be running the same version of SEC.

  • In reply to Shweta:

    Thank you for the reply. I upgraded to SEC 5.5.1, but after it installed and restarted, I am not able to open Sophos Enterprise Console. I receive the following error:

    Sophos.UIController.Extension.UIControllerException: Cannot retrieve session token after 8 retires. Please check that the Sophos Management Hos service is running, other wise see KBA 118513.

    - I checked on services and they are all running,

    - I restarted all the services and restarted the server. 

    - I checked if the SQL Server instance was online

    I still get the same error. 

    The server is in a virtual environment which is on a stand alone network. If you have any information for fixes to try, please let me know. 

  • In reply to MEric:

    Thanks for the reply. You were right, it was installed in a different location. 

    I also upgraded to SEC 551, but ran into a couple errors (I explained in the above reply). If you have any input, please let me know. Thank you.

  • In reply to Jeremy Reyes:

    Hi Jeremy,

    Just to confirm, the Sophos Management Host service is running without issues?  If not please attempt to start it and look into Event Viewer > Windows Logs > Application for the error message.

    If the service is running without issues, please open the "C:\Program Files (x86)\Sophos\Enterprise Console\EnterpriseConsole.exe.config" file in a text editor.  This file may be in a different location if SEC was installed elsewhere.  Search for the below text and make sure the value references a user that exists on this new server and the user has access to the database.
    <identity>
       <userPrincipalName value="SophosManagement@domain.com"/>
    </identity>
    If this user does not exist, copy this file to back it up and change the value to an existing user.  Restart the Sophos Management Host and Sophos Management Service services and attempt to open up SEC again.  Also look out in case this user is part of your domain but the server is not joined to the domain.

  • In reply to MEric:

    Hi MEric,

    Yes, the Sophos Management Host service runs without any issues and there are no errors in Event Viewer.

    I found the config file, but the identity value doesn't exist at all. Should I add it in there manually and if so, where within the config file? I'm not sure if it matters, but this is still the existing server (old server). The plan now is to upgrade to 5.5.1 then migrate to Server 2016.

    Thanks!

  • In reply to Jeremy Reyes:

    I was able to find the location to add the value and edited the config file in all the necessary locations. I restarted the services, but still the same error and no logs in event viewer.

  • In reply to Jeremy Reyes:

    Hi Jeremy,

    I would try re-running the Sophos Enterprise Console installer over-top the existing install, rebooting and see if this resolves the issue.

    If the issue still persists, I would look into C:\Program Files\Microsoft SQL Server\MSSQL11.SOPHOS\MSSQL\Log\ERRORLOG and C:\ProgramData\Sophos\ManagementServer\log\FrontEndService.log for any errors.  Feel free to post the logs here if you would like me to review them.

  • In reply to MEric:

    Hi MEric,

    You were right again. Installing on top of the existing installation fixed the issue. Thanks again.

    I will now start with the migration to Server 2016.

    - Jeremy