best migration route to 4.5 on new tin

Currently running em3.5 and NAC 3.1 on a, getting long in the tooth, w2k3 box.  Would like to replace it with new tin (actually a VM running w2k8 on a new box).  What's the best way forward for this?

Looking at the guides I get the impression that it'll be an in-place upgrade from 3.5 to 4 and then 4.5 and then migrate to a new box, which is a bit of a ball ache.  We're only running with around 250 clients so would it actually be quicker to just start afresh with a new install of 4.5?  I can see the problem being NAC (we have around 100 or more Linux boxes all of which have defined MAC exclusions) so that might be a pain, and sorting out the various client policies we have as we run HIPS and Application control.

So I was thinking of installing 4.5 on the new VM leaving 3.5 and NAC 3.1 in place and running on the old box.  Configuring 4.5 and moving our servers and win7 boxes over to it to install 9.5 (win7 boxes aren't running NAC).  I can then turn off the DHCP agents so that NAC doesn't do anything and install NAC on the new box and configure that, but I'm going to have to do some manual messing around with the NAC rules and MAC exclusions.

Comments?

  • Your SOPHOS3/ SOPHOS4/ SOPHOS45 database contains all of the policies, groups and history.  If you don't need that information and you're willing to find all the machines again/ recreate the policies you don't need to migrate the database.

    However you may want to export the following key on the old server and import into the registry of the new...

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Certification Manager

    Importing this key means the new server will use the same certificates as the old one so clients won't be denied access when trying to report.

    NOTE:  If you are moving from a 32-bit server to a 64-bit one you should edit the export in notepad.exe and add in the "Wow6432Node" bit.

    If you're redirecting clients to a new server I recommend reading...

    Changing the IP address of the server may affect the clients' ability to report correctly to the server. This is due to a client's capacity to use multiple addresses to contact its fixed parent. Therefore you should check to see what addresses the clients use to contact the server to see if this needs to be amended after the IP address change.

    Checking which addresses are used for reporting by the clients

    During installation the Sophos Remote Management System.msi uses the MRInit.conf file for the addresses of the Sophos management server. Once the client installation is complete the addresses are stored in the registry.

    1. Search the Sophos management server for the "mrinit.conf" file on all drives.
    2. Open the files in notepad.exe and compare the last line of the file that begins ParentRouterAddress. A default MRInit.conf file will contain the IP address, fully qualified domain name and hostname of the server as detected during the original installation of the Sophos management server components. An example is...
      "ParentRouterAddress"="192.168.0.1,myserver.net.local,myserver"
    3. Compare the ParentRouterAddress string with the following registry key on a working client...
      HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Messaging System\Router > ParentAddress
      ...the values should match.

    Based on the example above a client would attempt to connect to the server on 192.168.0.1 and failover to myserver.net.local after five minutes then failover to myserver after another five minutes.

    If the clients are only using an IP address or you do not want communication between the client and server to be delayed please follow the instructions below to correct the address.

    Changing the ParentAddress of client machines

    1. Open the following file in notepad.exe...
      C:\Documents and Settings\All Users\Application Data\Sophos\Update Manager\CIDs\Sxxx\SAVSCFXP\mrinit.conf
      NOTE: Substitute the "Sxxx" folder for the relevant subscription folder
    2. Correct the ParentRouterAddress string to match the new IP address of the server.
    3. Save and close the file
    4. Copy the mrinit.conf file into the RMS sub-directory beneath the SAVSCFXP folder
    5. Run the utility ConfigCID.exe as detailed in the following article...
      Article ID:13112
      Title: Enterprise Console: using ConfigCID.exe to implement XML configuration file changes
      URL: http://www.sophos.com/support/knowledgebase/article/13112.html
    6. On a client force an update.
    7. When the re-installation completes check the value of...
      HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Messaging System\Router > ParentAddress
      ...which should have changed to match the string in the mrinit.conf file.

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.
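The "Wow6432Node" edit from the reply above, done by script instead of by hand in notepad.exe. This is an added example, not part of the original post and not a Sophos tool; the value names and subkey in the sample export are constructed, and only key header lines are rewritten so that value data is never altered.

```python
import codecs
import re

# Key header lines look like [HKEY_LOCAL_MACHINE\SOFTWARE\...]; "[-HKEY..." deletes a key.
# The negative lookahead skips headers that already point at Wow6432Node,
# so running the conversion twice is harmless.
KEY_HEADER = re.compile(
    r"^(\[-?HKEY_LOCAL_MACHINE\\SOFTWARE)(?!\\Wow6432Node[\\\]])(?=[\\\]])",
    re.IGNORECASE | re.MULTILINE,
)

def add_wow6432node(reg_text):
    """Insert \\Wow6432Node after HKLM\\SOFTWARE in key headers; values are untouched."""
    return KEY_HEADER.sub(lambda m: m.group(1) + "\\Wow6432Node", reg_text)

def convert_export(raw):
    """Rewrite a .reg export given as bytes, keeping its original encoding.

    regedit writes "Version 5.00" exports as UTF-16LE with a BOM; older REGEDIT4
    exports are ANSI. latin-1 maps bytes 1:1, so ANSI data round-trips unchanged.
    """
    if raw.startswith(codecs.BOM_UTF16_LE):
        text = raw[len(codecs.BOM_UTF16_LE):].decode("utf-16-le")
        return codecs.BOM_UTF16_LE + add_wow6432node(text).encode("utf-16-le")
    return add_wow6432node(raw.decode("latin-1")).encode("latin-1")

# Constructed sample export: the key path is the one named in the post,
# the value names, data and subkey are placeholders.
SAMPLE_EXPORT = (
    "Windows Registry Editor Version 5.00\r\n\r\n"
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Sophos\\Certification Manager]\r\n"
    "\"ExampleValue\"=\"[HKEY_LOCAL_MACHINE\\\\SOFTWARE\\\\not-a-key-header]\"\r\n\r\n"
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\Sophos\\Certification Manager\\ExampleSubkey]\r\n"
    "@=\"constructed\"\r\n"
)

if __name__ == "__main__":
    print(add_wow6432node(SAMPLE_EXPORT))
```
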
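The ParentRouterAddress / ParentAddress comparison from the reply above, as an added example (not part of the original post and not a Sophos utility). It takes the mrinit.conf text and a client's ParentAddress value as strings, so it runs offline; the new server IP 192.168.0.50 and the function names are assumptions made for the illustration.

```python
import re

FAILOVER_MINUTES = 5  # per the post: the client tries the next address after five minutes

def split_addresses(value):
    """Split a comma-separated address string, dropping blanks and surrounding spaces."""
    return [a.strip() for a in value.split(",") if a.strip()]

def parse_parent_router_address(conf_text):
    """Return the address list from the ParentRouterAddress line of an mrinit.conf."""
    m = re.search(r'^\s*"ParentRouterAddress"\s*=\s*"([^"]*)"', conf_text, re.MULTILINE)
    if m is None:
        raise ValueError("no ParentRouterAddress line found")
    return split_addresses(m.group(1))

def check_client(conf_text, client_parent_address, valid_after_move):
    """Compare a client's ParentAddress with mrinit.conf and estimate the reporting delay.

    valid_after_move: addresses that will still reach the server after the change.
    delay_minutes is None when no address the client holds will still work.
    """
    conf = [a.lower() for a in parse_parent_router_address(conf_text)]
    client = split_addresses(client_parent_address)
    valid = {a.lower() for a in valid_after_move}
    delay = None
    for position, addr in enumerate(client):
        if addr.lower() in valid:
            delay = position * FAILOVER_MINUTES
            break
    return {
        "matches_conf": conf == [a.lower() for a in client],
        "stale": [a for a in client if a.lower() not in valid],
        "delay_minutes": delay,
    }

# The ParentRouterAddress line is the example from the post; everything else is constructed.
MRINIT_CONF = '"ParentRouterAddress"="192.168.0.1,myserver.net.local,myserver"\n'
VALID_AFTER_MOVE = {"192.168.0.50", "myserver.net.local", "myserver"}  # assumed new IP

if __name__ == "__main__":
    for label, value in [("full list", "192.168.0.1,myserver.net.local,myserver"),
                         ("IP only", "192.168.0.1")]:
        print(label, check_client(MRINIT_CONF, value, VALID_AFTER_MOVE))
```

A client holding the full list keeps reporting after one failover step, while a client that only holds the old IP address has nothing left to fall back to and needs the mrinit.conf correction described in the reply.
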

  • ok I've done a test migration and things seem to work fine, except NAC.  The new NAC client installs ok and the clients seem to get registered with the NAC server but after a little while I get an error on the client.

    "The agent was unable to communicate with the server in order to report results"

    Sophos SEC and NAC are running on a Hyper-V virtual box with the databases running on a full fat SQL box.

    I get the issue on Vista boxes that were running NAC 3.3 and on Windows7 boxes that have never had the NAC client installed on them

  • ok a little more info.

    From Agent log on client

     07/16/10  11:08:30|TID:       2364|ID:          0|File:           LoggingFacility.cpp|Line: 268|Evidence: Info Msg: Log Created at: 07/16/2010  11:08:30
     07/16/10  11:11:03|TID:       3852|ID:       1000|File:EFEncryptedValueManagement.cpp|Line: 159|Evidence: Info Msg: EncryptedValue has not been created
     07/16/10  11:11:04|TID:       3852|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:06|TID:       4656|ID:       1000|File:                  Assesser.cpp|Line: 623|Evidence: Info Msg: ...no profiles detected
     07/16/10  11:11:07|TID:       4656|ID:       1000|File:                  Assesser.cpp|Line: 623|Evidence: Info Msg: ...no profiles detected
     07/16/10  11:11:07|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:08|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:08|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 256|Evidence: Info Msg: Publishing Data file FAILED tzFileName: GL0692556BB52649B3A0075C55062D5759.rd
     07/16/10  11:11:08|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:08|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 256|Evidence: Info Msg: Publishing Data file FAILED tzFileName: GL6D38EAD3644C450CAF30FA2793B1A679.rd
     07/16/10  11:11:09|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:09|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 256|Evidence: Info Msg: Publishing Data file FAILED tzFileName: GL81DFA60F91824409B127A142C7A68C1C.rd
     07/16/10  11:11:09|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 380|Evidence: Info Msg: PublishData - Publishing Data FAILED Engine: EngineGlobal strRegId: 8BA0DB9B8FC540A88EFB02250057E6EB
     07/16/10  11:11:09|TID:       4656|ID:       1000|File:             ReportManager.cpp|Line: 256|Evidence: Info Msg: Publishing Data file FAILED tzFileName: GLD92A0DAFCB934616986FEB74C53A3960.rd
     07/16/10  11:11:22|TID:       3852|ID:       1000|File:                  Assesser.cpp|Line: 623|Evidence: Info Msg: ...no profiles detected
     07/16/10  11:11:22|TID:       3852|ID:       1000|File:                  Assesser.cpp|Line: 623|Evidence: Info Msg: ...no profiles detected

    07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 874|Evidence: Info Msg: Log Created at: 07/16/2010  11:11:02
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 802|Evidence: Info Msg: Product Version Info Msg: 3.5.306.0
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Username VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Password VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Logging enabled VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Logging VALUE: 1 SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Ini File VALUE: C:\ProgramData\Sophos\Sophos Compliance Agent\Data\agent.ini SOURCE: Internal
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Save Username VALUE: false SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Save Password VALUE: false SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Working Directory VALUE: C:\Program Files\Sophos\Sophos Compliance Agent SOURCE: Internal
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Log Directory VALUE: C:\ProgramData\Sophos\Sophos Compliance Agent\Logs SOURCE: Internal
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Data Directory VALUE: C:\ProgramData\Sophos\Sophos Compliance Agent\Data SOURCE: Internal
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Registration Type VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Log Lifetime VALUE: 24 SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Notify Action VALUE: 1 SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Registration Icon VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Results Icon VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Override Icon VALUE: false SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Noncompliant Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Compliant Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Partial Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Default Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Report Mode Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Remediate Mode Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: Show Timer Icon VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Progress VALUE: false SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Notify VALUE: 1 SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Exit VALUE: false SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Basic Auto Register VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Errors in Results VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show Extended Error Information VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Show logging VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: ProxyUsername VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 738|Evidence: Info Msg: Application Setting NAME: ProxyPassword VALUE: <not set> SOURCE: <none>
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Save Proxy Username VALUE: true SOURCE: Ini File
     07/16/10  11:11:02|TID:        380|ID:          0|File:                  AgentApp.cpp|Line: 730|Evidence: Info Msg: Application Setting NAME: Save Proxy Password VALUE: true SOURCE: Ini File
     07/16/10  11:11:09|TID:        380|ID: 2147500037|File:            ReportMessages.cpp|Line: 328|Evidence: TID: 380 Info Msg: Reporting encountered a server error Stack Dump: 

  • and I also get the following in the servers app log when any client tries to report back

    Log Name:      Application
    Source:        Sophos NAC
    Date:          16/07/2010 11:11:10
    Event ID:      1002
    Task Category: 3
    Level:         Error
    Keywords:      Classic
    User:          N/A
    Computer:      Printserver.npm.ac.uk
    Description:
    PID 2912 : TID 4
    Failed to report client global data.  Exception information is included for additional evidence.
    -- Sophos NAC Exception Details --
    Source Message: Queue Does not Exist
    Source: QueueComponents
    Source Timestamp: 16/07/2010 11:11:10
    Source Machine: PRINTSERVER
    Source Exception Type: Sophos.NAC.Core.ExceptionManagement.EndForceException
    Source: QueueComponents
    Target: Void set_QueuePath(System.String)
    Source App Domain: /LM/W3SVC/1/ROOT/ReportInterface-1-129237483950459562
    Source Thread Id: 4
    Source Thread Identity:
    Source Win Identity: NPM\admin_em45
    Help Link:
    Source Stack Trace:

    --Runtime Evidence--
    Queue Path: .\Private$\SophosNAC_Report
    -- Evidence At Publish --
    Agent Bias: 4294967236
    Agent Date: 16/07/2010 11:11:09
      -- Structured Evidence --(Agent Info)
      strAgentId: 8BA0DB9B8FC540A88EFB02250057E6EB
      strUsername: 8BA0DB9B8FC540A88EFB02250057E6EB
      strAgentType: persistent
      strAgentVersion: 3.5.306.0
      strOSDescription: Win7 ver:6.1.7600 sp:0.0 arch:x86
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Sophos NAC" />
        <EventID Qualifiers="0">1002</EventID>
        <Level>2</Level>
        <Task>3</Task>
        <Keywords>0x80000000000000</Keywords>
        <TimeCreated SystemTime="2010-07-16T10:11:10.000Z" />
        <EventRecordID>747</EventRecordID>
        <Channel>Application</Channel>
        <Computer>Printserver.npm.ac.uk</Computer>
        <Security />
      </System>
      <EventData>
        <Data>PID 2912 : TID 4
    Failed to report client global data.  Exception information is included for additional evidence.
    -- Sophos NAC Exception Details --
    Source Message: Queue Does not Exist
    Source: QueueComponents
    Source Timestamp: 16/07/2010 11:11:10
    Source Machine: PRINTSERVER
    Source Exception Type: Sophos.NAC.Core.ExceptionManagement.EndForceException
    Source: QueueComponents
    Target: Void set_QueuePath(System.String)
    Source App Domain: /LM/W3SVC/1/ROOT/ReportInterface-1-129237483950459562
    Source Thread Id: 4
    Source Thread Identity:
    Source Win Identity: NPM\admin_em45
    Help Link:
    Source Stack Trace:

    --Runtime Evidence--
    Queue Path: .\Private$\SophosNAC_Report
    -- Evidence At Publish --
    Agent Bias: 4294967236
    Agent Date: 16/07/2010 11:11:09
      -- Structured Evidence --(Agent Info)
      strAgentId: 8BA0DB9B8FC540A88EFB02250057E6EB
      strUsername: 8BA0DB9B8FC540A88EFB02250057E6EB
      strAgentType: persistent
      strAgentVersion: 3.5.306.0
      strOSDescription: Win7 ver:6.1.7600 sp:0.0 arch:x86
    </Data>
      </EventData>
    </Event>
