Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 4488 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC - computers in disconnected (red cross) status after server to server migration

Julien LONGHI

Hello,

I did a Server to Server migration for a sophos enterprise security console and now all computers stay in disconnected status except the SEC server itself.

The SEC version is 5.5.1 and the database is stored in a SQL Clustered environnement.

The old server was Windows Server 2008 and the new one is Windows Server 2016.

IIS is used to distribute the CIDs.

For this migration, I followed the migration guide.

What is particular is that the new server has the same name and IP @ as the old one. For that, I did a full backup, I removed the old one from the domain and I disconnected it from the network.

The new one was inserted in the domain with the old name and the same IP @ of the old one.

I did the Management and console installation, the restore of needed data, IIS configuration...

The connection to the database is ok, the SUM is updating .

I checked a lot of things, with a lot of KB but I don't understand what's wrong.

I don't see something wrong in the logs I checked.

But I can see a lot of errors in the security Windows event logs. It seems that the problem of these errors are with the sophosmanager account.

I'm sure that the account/password configured during the install process is OK.

Thanks for your assistance.



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Julien LONGHI

    Hello Julien,

    a problem with the certificate import
    could be. As there haven't been any significant changes to the database it's safe to completely uninstall all Sophos components (or if possible to reset the server to the state before SEC installation). Just make sure the certificates are imported correctly.

    Christian

Children
  • 0 in reply to QC

    Christian,

    I uninstalled all SEC server components.

    I had to use a cmd elevated with msiexec + regex value to unistall Sophos Management Server.

    I did a new install following the migration guide with a particular attention to the restore at the good time of the CertificateManager registry.

    It is ok now but I've got only 200 computers alive in the console but I should have about 1000.

    I did a test on some, and I need to reboot the user PC to see the computer connected (green) into the Sophos Enterprise Console.

    Do you know if there is a simple way to get them up without a reboot ?

    Thanks again for your assistance,

    Julien.

  • 0 in reply to Julien LONGHI

    Hello Julien,

    as said it's the endpoints that initiate the connection. There's probably a backout when the connection repeatedly fails, there's a ConnectRetriesPause registry value (decimal 2000) and if these are seconds - well, you can do the math.

    Christian

Unfiltered HTML