Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 2840 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

slightly bodged migration

jjohnson1980

Greeings everyone.

I recently migrated my SEC4.5 installation from a 2k3 server to a new 2k8 server. Everything was going well and id followed the migration guide through. Unfortunately i got a bit over keen and removed the old server as a SUM before they did their daily contact which would have given the clients the new server settings through the ammended reinit.bat & sav.cfg files.

The clients are still trying to update to the old server which is still live and sophos is still running on it however it doesnt seem to be giving them the new server info and pointing them at it.

Is there a workaround for this or is it a reinstall from the new server?

Thanks
James

:12091


This thread was automatically locked due to age.
  • 0

    Hi,

    Even if you remove SUM, the CID and share should still remain, so any clients pointing at the old location should still find the custom files in the CID, pull them down and take action.

    If you haven't got that many machines to redirect to the new server, an alternative approach would be to use the script I put here:
    /search?q= 8939

    Essentially, this HTA can be used to generate a VBS file that can be run on the endpoints to re-point them.  The reason for the HTA is to encode within the resultant VBscript the cac.pem and mrinit.conf so in effect the script becomes totally standalone.

    I would recommend testing the resultant vbs file on a couple of machines before wider deployment.  I would only recommend running it on clients and not on and message relays.  It does checks to prevent it but safer not to test them :) 

    I hope that gives you something.

    Regards,

    Jak

    :12099
  • 0

    Thanks for your reply jak. I have about 600 clients so itll take some doing. Any idea why the script from the migration guide isnt working if its still there and active?

    :12161
  • 0

    Hi!

    ....just a suggestion....in my case I copied mrinit.conf file from new server (Program files\Sophos\Enterprise console) to RMS folder in the old CID on old server. After that I used configcid \\oldserver\Sophosupdate\CIDs\SAVSCFXP....

    This "solution" was first written in user manual for migrating EC 4.0, but later was replaced with the use of scripts that you used.

    Hope this helps.

    :12163
  • 0

    Just tried what you suggested and it still points at the old server. Its as if the client is totally ignoring what the server is sending out

    :12169
  • 0

    Hello James,

    with the changed mrinit.conf the clients should report to the new server. Guess you did already edit the updating policies on the new server. The clients should now appear as connected and managed but not complying with the updating policy. Using Comply with you send them the new policies and from then on they should use the new CID.

    Note that RMS and updating are independent. mrinit.conf is "just" for locating the management server. The update location(s) are controlled by the updating policy. To change this without using RMS you'd export the policy on the new server (as sauconf.xml) and put this in the \sau subfolder of the old CID.

    HTH

    Christian

    :12171
  • 0

    @QC

    Ahh i now understand completely. Thanks for explaining that to me. I now understand that it is actually working and i know what im seeing in SEC now.

    Thanks very much for you help

    James

    :12177
Unfiltered HTML