Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 1 subscriber
  • Views 2867 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Moving Enterprise Console 4.0 from one server to another.

Norwun

Our SOPHOS server is being retired and I am trying to move Enterprise Console to a new server.  However, there is very sparse information in the knowledge base or the forums on exactly how to do this.  It has been a real struggle getting this to work and phone support isn't much help.  They told me I just need to reinstall EC4.0 on the new server and the computers will be picked up again.

The Macs were picked up but they are not updating and the PCs are greyed our and require me to reinstall the client again in order to be picked up. 

Why is there no support or documentation for this?  Does it not occur to anyone in SOPHOS that someone would need to do this?

:2740


This thread was automatically locked due to age.
  • 0

    Hi Norwun,

    There is a KB article that I think covers what you are after.

    http://www.sophos.com/support/knowledgebase/article/52383.html

    :2741
  • 0

    Yeah I've seen this.  This is for EC 3.0 and moving from 32 bit to 64 bit.  Some of the steps in the article don't apply.

    :2742
  • 0

    Hello,

    correct, and 28276 also describes migrating SEC3.x but  if you just ignore EM Library and replace 3 with 4 where SEC and the database name are mentioned that's it in principle.

    What exactly did you do? Did you export/import the registry keys for Certification Manager? Is the old server still available? Wonder why the Macs did get "picked up" but at this point we should rather concentrate on the general setup.

    Christian

    :2743
  • 0

    All I've done right now is export the Certificate Manager registry keys from the old server and imported them to the new server then installed EC4.0.

    The older server is still available and renamed to SOPHOSOLD and given another IP address while the new server is given the the orginal name SOPHOS and the original IP address.

    The Macs do get picked up but they are not updating.  Under Update tab, they are listed as Unknown even after I've assigned them a group with the default policy.

    The PCs are just grayed out but when I re-run setup on them, they are picked up and able to update.

    If there is away for me to avoid reinstalling the clients that would be a huge help.

    :2744
  • 0

    Hm, did you export/import the database? And did you import the computers from AD or did they "appear" in the console but as unmanaged? Do the Macs report the correct update location? And if you check on a client - are they updating and up to date? And finally: re-run setup - is this Protect Computers?

    If the clients do connect to SEC by themselves and they are (for now) updating then the problem is probably not as big as it may seem. Is the server itself protected and does it correctly report it's state to SEC? If not it might require a restart.

    Christian 

    :2745
  • 0

    Phone support told me not to export/import database.  But it was one of the things I did try but on EC4.0 the SQL command doesn't work anymore, only on EC3.0 or EC4.0 that was upgraded from EC4.0 which is what my old server was.

    The computers just appeared on the console and on the Mac clients, the shield is black with an X on it so it's not updating.  The path is correct to my bootstrap locations.

    For the PC when I re-run setup, I mean, I go to the bootstrap location from the client and run setup.exe to re-install.

    The server side seems fine, protected and reporting fine.

    :2748
  • 0

    Phone support told me not to export/import database

    Hmm ... then you started with your new server from scratch (already running SUM-only as you didn't mention EM Library)? And you had to re-create all your policies? The backup/restore should work (but not necessarily with exactly the same parameters - if for example you use a different SQL instance).

    While the clients report to the new server and magically appear they should all be in the Unassigned group. I have no clue why they don't report their status or SEC doesn't pick it up. But that seems to be the problem. As I have once in a while a client which "appears" on a management server (a client is "moved" into or out from a domain) I can attest that it reports it's complete state.

    I'd say you have two options:

    1. Find out why the clients do not report correctly although they connect to the management server
    2. Reprotect the clients

    Things you could check or try:

    • On SEC: what's on the Update details tab for the clients, in particular the columns Updating policy and Primary server?
    • On a Mac client: what does the autoupdate log say? Can you open the update location from a Mac (there might be a permission or network/share issue)
    • Windows: debugging the management system is not a simple thing. If you are able to protect the clients from the console and they then report correctly it's still some work but perhaps the least effort.

    HTH

    Christian

    :2774
  • 0

    Yeah, my old server was EC3.0 originally but I had upgraded it to EC4.0 a while back. 

    The clients do report back and are Unassigned.  I've recreated my groups and moved them in so they can have the policy applied to them.

    But anyway, let me try your suggestions and I'll get back to you.  Thanks.

    :2776
  • 0

    Sorry, I haven't had much of a chance to work on this today BUT I've got partial success, atleast for the Mac side.   It was a permissions issue on the network share.   So now my Macs are updating but the PCs stil remained grayed out.

    I don't have an autoupdate log or atleast I can't find it anywhere on the new server.  Supposedly it is here - C:\ProgramFiles\Sophos\AutoUpdate\Logs\ALUpdate.log but I don't have an AutoUpdate folder.

    I'll continue working on it to see if I can get the PCs working.

    :2786
Unfiltered HTML