This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SEC migration from a DC

Hi, need to migrate SEC from Server 2008R2 to new virtual server running Server2016.

Problem I have read - Current server is a DC, but the new server will not be a DC. What are the pitfalls and steps with the first server already being a DC.
(this is installed way back and has always been ok)

Are their instructions about this scenario anywhere please?

Many Thanks

Trev



This thread was automatically locked due to age.
Parents
  • Hi  

    It is recommended that Enterprise Console is not installed on a Domain Controller. It is also likely that additional security settings have been configured on a DC which could prevent Enterprise Console installing one of which is listed in this article. You can refer to this migration guide for migrating Sophos Enterprise console from one server to another. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • Hi, thanks for the reply. I wasn't clear.

    SEC is already installed on the 2008R2 DC. it has been on there for at least 7 years, it was server 2003 before that.

    I want to migrate SEC from the old current DC to a new virtual server that wont be a DC. Are there likely to be any issues that anyone is aware of?

    The migration literature only seems to mention that they should both not be a DC, but I cant find any info to say what to do if one of them already is a DC with SEC installed.

    Thanks

     

  • Hi  

    Datacenter edition is supported for SEC 5.5.0, 5.5.1 and 5.5.2. Please go through the below screenshot.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Hi,

    appreciate the help... a lot..

    Reinstalling SQL and restarting the VM worked and the Build completed.

    We continued the migration and are now in the process of protecting the endpoints from the new SEC.

    It is all working on our Virtual 2016 server on our Hyper-V machine so I am not sure what wont work?

  • Hi  

    You're welcome.

    Your scenario is completely supported and the build should be completed successfully as you are running Windows server 2016 may be standard edition VM on physical Hyper-V server.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Thanks for all the help with this..,, but...

    Install completed and endpoints are gradually reappearing in the console.

    We now want to upgrade from 550 to SEC 552.  on trying the install we get an error message on the pre check 

    You don't have sufficient database rights.

    I followed the /kb/en-us/124245 what to do and run the SQLCMD, the user account is in the list.

    I tried to add it again and it says the server principal already exists...

    this Sophos admin account is a member of Sophos DB Admins, Sophos DB Users, Domain Admins, Sophos Full and Sophos Console..

    I was trying to run it from my desktop as a remote desktop session as its a VM. I ran the installer "Run as Administrator"

    I also tried it on the Hyper-V server itself with the same result..

    I disabled UAC through the registry with the same result.

    The whole migration was done on this account..

    Am I missing something else?

     

  • Hello tstan,

    could you show the associated Sophos_bootstrapper log (please make sure that sensitive information is removed)? 

    Christian

  • Hi, 

    I have noticed something in this file that I missed first time..  

    could this be it .. 

    about a third of the way down.  On the error lines it shows SophopsServer and this should be SophosServer  I've typo'ed somewhere.

    2/03/2020 13:08:02, INFO : Finished retrieving instances - Timeout
    12/03/2020 13:08:17, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=SophopsServer\SOPHOS;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: SQL Server Network Interfaces: Error Locating Server/Instance Specified [xFFFFFFFF].
    12/03/2020 13:08:17, INFO : Checking for presence of database: SOPHOSENC51 on instance: SophopsServer\SOPHOS...
    12/03/2020 13:08:34, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=SophopsServer\SOPHOS;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: SQL Server Network Interfaces: Error Locating Server/Instance Specified [xFFFFFFFF].
    12/03/2020 13:08:34, INFO : Installation value ID '29': ENCDBVERSION="0"

  • I will change the typo's in the registry and see what happens. 

     

  • Got past the first hurdle, but on to the next..

     

  • Hello tstan,

    these are just warnings, simply proceed.

    Christian

  • I did and it failed, just going through the log file now..

     

    12/03/2020 14:15:04, INFO : Installation value ID '12': INSTALLDIR="C:\Program Files\Sophos" INSTALLDIR32="C:\Program Files (x86)\Sophos" SUM_INSTALLDIR="C:\Program Files (x86)\Sophos\Update Manager"
    12/03/2020 14:15:04, INFO : Installation value ID '19': UPGRADE="1"
    12/03/2020 14:15:04, INFO : Installation value ID '6': SERVER_COMPUTERNAME="SophosServer"
    12/03/2020 14:15:04, INFO : Installation value ID '5': SERVER_PORT="80"
    12/03/2020 14:15:04, ERROR : No Sophos Credential Store Service found: 80040154
    12/03/2020 14:15:04, INFO : Installation value ID '1': SERVER_USERNAME="sophosadmin"
    12/03/2020 14:15:04, INFO : Installation value ID '2': SERVER_USERNAMEDOMAIN="????"
    12/03/2020 14:15:05, ERROR : No Sophos Credential Store Service found: 80040154
    12/03/2020 14:15:06, INFO : Installation value ID '4': SERVER_USERNAMEPASSWORD="********"
    12/03/2020 14:15:06, INFO : upn found: Administrator@?????????????
    12/03/2020 14:15:06, INFO : Installation value ID '3': SERVER_UPN="Administrator@???????????"

     

     

    12/03/2020 14:32:52, INFO : Verifying files in folder
    12/03/2020 14:32:53, INFO : Target folder verification completed successfully
    12/03/2020 14:32:53, INFO : About to install Database64.msi
    12/03/2020 14:33:27, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:27, INFO : Ended installing Database64.msi
    12/03/2020 14:33:29, INFO : Installation of Database succeeded
    12/03/2020 14:33:29, INFO : Verifying files in folder
    12/03/2020 14:33:29, INFO : Target folder verification completed successfully
    12/03/2020 14:33:29, INFO : About to install CredStore.msi
    12/03/2020 14:33:49, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:49, INFO : Ended installing CredStore.msi
    12/03/2020 14:33:51, INFO : Installation of Sophos Credential Store Service succeeded
    12/03/2020 14:33:51, INFO : Verifying files in folder
    12/03/2020 14:33:52, INFO : Target folder verification completed successfully
    12/03/2020 14:33:52, INFO : About to install Server64.msi
    12/03/2020 14:33:53, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:53, INFO : Installation of Server64.msi failed with error code: 1603
    12/03/2020 14:33:53, INFO : Ended installing Server64.msi
    12/03/2020 14:33:55, INFO : Installation of Management Server failed with error code: 1603
    12/03/2020 14:33:55, INFO : Deactivate state: Installing
    12/03/2020 14:33:55, INFO : Activate state: Failed
    12/03/2020 14:33:55, INFO : Entered Installation failed page.
    12/03/2020 14:34:45, INFO : Opening logs folder: C:\ProgramData\Sophos\Management Installer
    12/03/2020 14:36:14, INFO : Finished Bootstrapper
    12/03/2020 14:36:14, INFO : Cleaned up socket.
    12/03/2020 14:36:14, INFO : Uninitialized COM in main thread

Reply
  • I did and it failed, just going through the log file now..

     

    12/03/2020 14:15:04, INFO : Installation value ID '12': INSTALLDIR="C:\Program Files\Sophos" INSTALLDIR32="C:\Program Files (x86)\Sophos" SUM_INSTALLDIR="C:\Program Files (x86)\Sophos\Update Manager"
    12/03/2020 14:15:04, INFO : Installation value ID '19': UPGRADE="1"
    12/03/2020 14:15:04, INFO : Installation value ID '6': SERVER_COMPUTERNAME="SophosServer"
    12/03/2020 14:15:04, INFO : Installation value ID '5': SERVER_PORT="80"
    12/03/2020 14:15:04, ERROR : No Sophos Credential Store Service found: 80040154
    12/03/2020 14:15:04, INFO : Installation value ID '1': SERVER_USERNAME="sophosadmin"
    12/03/2020 14:15:04, INFO : Installation value ID '2': SERVER_USERNAMEDOMAIN="????"
    12/03/2020 14:15:05, ERROR : No Sophos Credential Store Service found: 80040154
    12/03/2020 14:15:06, INFO : Installation value ID '4': SERVER_USERNAMEPASSWORD="********"
    12/03/2020 14:15:06, INFO : upn found: Administrator@?????????????
    12/03/2020 14:15:06, INFO : Installation value ID '3': SERVER_UPN="Administrator@???????????"

     

     

    12/03/2020 14:32:52, INFO : Verifying files in folder
    12/03/2020 14:32:53, INFO : Target folder verification completed successfully
    12/03/2020 14:32:53, INFO : About to install Database64.msi
    12/03/2020 14:33:27, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:27, INFO : Ended installing Database64.msi
    12/03/2020 14:33:29, INFO : Installation of Database succeeded
    12/03/2020 14:33:29, INFO : Verifying files in folder
    12/03/2020 14:33:29, INFO : Target folder verification completed successfully
    12/03/2020 14:33:29, INFO : About to install CredStore.msi
    12/03/2020 14:33:49, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:49, INFO : Ended installing CredStore.msi
    12/03/2020 14:33:51, INFO : Installation of Sophos Credential Store Service succeeded
    12/03/2020 14:33:51, INFO : Verifying files in folder
    12/03/2020 14:33:52, INFO : Target folder verification completed successfully
    12/03/2020 14:33:52, INFO : About to install Server64.msi
    12/03/2020 14:33:53, INFO : Processing INSTALLMESSAGE_TERMINATE message from MSI
    12/03/2020 14:33:53, INFO : Installation of Server64.msi failed with error code: 1603
    12/03/2020 14:33:53, INFO : Ended installing Server64.msi
    12/03/2020 14:33:55, INFO : Installation of Management Server failed with error code: 1603
    12/03/2020 14:33:55, INFO : Deactivate state: Installing
    12/03/2020 14:33:55, INFO : Activate state: Failed
    12/03/2020 14:33:55, INFO : Entered Installation failed page.
    12/03/2020 14:34:45, INFO : Opening logs folder: C:\ProgramData\Sophos\Management Installer
    12/03/2020 14:36:14, INFO : Finished Bootstrapper
    12/03/2020 14:36:14, INFO : Cleaned up socket.
    12/03/2020 14:36:14, INFO : Uninitialized COM in main thread

Children
  • And errors in the Sophos_Server64MSi log

    GetSumCredentialsFromCredStore: Initialized.
    GetSumCredentialsFromCredStore: No Sophos Credential Store Service found: 80070005
    GetSumCredentialsFromCredStore: Error 0x80004005: Failed to get username
    CustomAction CredStore.GetSUMCredentials returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)
    Action ended 14:33:53: CredStore.GetSUMCredentials. Return value 3.
    Action ended 14:33:53: INSTALL. Return value 3.

  • Hello tstan,

    is the Sophos Credential Store service running - assuming the Credential Store has been installed?

    Something similar has been mentioned in the Upgrade fails thread but I'm not sure about the sequence of events in your case. First the bootstrapper refused to continue because of the database rights issue. With the next attempt it installed the 5.5.2 database and the new Credential Store and then failed installing the Server? Which Sophos components and versions are in Programs and Features?

    Christian

  • Apologies, was called away on Friday.

    Credential store is running.

    now if I try and run the new installer, I get this..

     

    I am about ready to scrap the whole thing, delete the serve and start from scratch..

    Would the old migrated server still be usable if I redirect the endpoints back?

     

    thanks

  • Hello tstan,

    not surprisingly the versions of the components are different (I've mentioned it in the story of the second server) and there is an applicable article: Sophos Enterprise Console: Installer has detected different versions of the components installed. Your first screenshot shows that the Credential Store is installed but I assume you have checked that the service is indeed running. As it's not clear what the status was during your first attempt to upgrade a second attempt (after uninstalling the database component) might or might not succeed.

    The old server should still be usable, naturally the changes and history done on and recorded by the new server aren't available on the old one.

    Christian 

  • Hi, 

    Followed the KB and uninstalled the DB.

    Following an attempted reinstall -552.. Upgrade....  I now get this:

     

    16/03/2020 09:32:49, INFO : Installation value ID '5': SERVER_PORT="80"
    16/03/2020 09:32:49, ERROR : GetUsername operation results: 80131577
    16/03/2020 09:32:49, INFO : Installation value ID '1': SERVER_USERNAME="sophosadmin"
    16/03/2020 09:32:49, INFO : Installation value ID '2': SERVER_USERNAMEDOMAIN="????"
    16/03/2020 09:32:49, ERROR : GetPassword operation results: 80131577
    16/03/2020 09:32:49, INFO : Installation value ID '4': SERVER_USERNAMEPASSWORD="********"

    16/03/2020 09:32:49, INFO : Finished retrieving instances - Timeout
    16/03/2020 09:32:49, INFO : Obtaining remote SQL instances on network...
    16/03/2020 09:32:50, INFO : Finished retrieving instances - Timeout
    16/03/2020 09:33:05, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: Named Pipes Provider: Could not open a connection to SQL Server [2].
    16/03/2020 09:33:05, INFO : Checking for presence of database: SOPHOSENC51 on instance: ...
    16/03/2020 09:33:20, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: Named Pipes Provider: Could not open a connection to SQL Server [2].
    16/03/2020 09:33:20, INFO : Installation value ID '29': ENCDBVERSION="0"
    16/03/2020 09:33:20, INFO : SupportedOS isFatal: 1
    16/03/2020 09:33:21, INFO : Entered Welcome page.
    16/03/2020 09:33:30, INFO : Running System Property Check: User must be an administrator on this computer...
    16/03/2020 09:33:30, INFO : System Property Check: User must be an administrator on this computer - PASSED
    16/03/2020 09:33:30, INFO : Running System Property Check: All SEC components installed must be the same version...
    16/03/2020 09:33:30, INFO : Found installed component: {FC2876E5-3698-4534-A126-52792C4F0350} version: 5.5.0
    16/03/2020 09:33:30, INFO : Found MSI: \Console64.msi version: 5.5.2
    16/03/2020 09:33:30, INFO : Found installed component: {9BCC5C9E-94B6-40CA-A025-2A33C78256C6} version: 5.5.0
    16/03/2020 09:33:30, INFO : Found MSI: \Server64.msi version: 5.5.2
    16/03/2020 09:33:30, INFO : Found MSI: \Database64.msi version: 5.5.2
    16/03/2020 09:33:30, INFO : Found installed component: {2C7A82DB-69BC-4198-AC26-BB862F1BE4D0} version: 1.7.1.19
    16/03/2020 09:33:30, INFO : Found MSI: SUM.msi version: 1.6.2.186
    16/03/2020 09:33:30, INFO : System Property Check: All SEC components installed must be the same version - PASSED
    16/03/2020 09:33:30, INFO : Entered Eula page.
    16/03/2020 09:33:31, INFO : Accepted Eula.
    16/03/2020 09:33:32, INFO : Running System Property Check: Support operating system version and service pack must be installed...
    16/03/2020 09:33:32, INFO : SupportedOS: Version: 10.0.14393 SP: 0.0 Architecture: 64-bit Edition: 18 Name: Microsoft Windows Server 2016 Standard|C:\Windows|\Device\Harddisk0\Partition2 Type: 3

     

    and Program and Features show: 551 instead of 552 for SDM..

    Going back to the old server in preparation for deleting this VM and starting from scratch. thinking that might be a quicker solution? 

  • Hello tstan,

    deleting this VM and starting from scratch
    might indeed be quicker. In principle it is possible to skip the install and migration of 5.5.0 on the new server.

    Christian

  • I really just wanted the policies so I didn't have to recreate them, but I guess I can open them both now and just reproduce them.

    Thanks for all your help with this.

  • Hello tstan,

    the policies are - like most data (groups, computers, their alerts and events, ...) - contained in the database. It's all that stuff or none of it.

    Christian