Clients not reporting in after server to server migration

Hello Fiona Johnson,

I installed a client from our old server
how did you do this? With a package built on/from the old server?

What has changed? As you exported the certificates and imported them before SEC install the server should be "the same" (regardless of its name or IP). Also the old package or whatever seems to find the new server. So basically everything should be ok.

the router logs
from the server or from an endpoint that doesn't report? The latter would be required, ideally from after a restart of the Message Router service.

Christian

Hi Christian,

Thanks for the response. Yes i installed it with a package built from the old server. It was one I had created on the server before and i just reused it.

Yes i would have thought everything was the exact same, the only reason i installed it was as i mentioned, it is not that easy for me to get to the clients so i was hoping to check the communications report from my machine to see if there were any errors reporting in and help me figure out the issue with the other clients. I am now even more confused as its working ok. 

I have been checking the router logs from the server as i have been struggling to get hold of a client. Not all our users are based here i am meeting someone this afternoon so i will check the logs then. 

I followed the steps in the server to server migration guide with regards certificates etc so they should have been installed at exactly the right point. 

Hello Fiona Johnson,

if the old package works then existing endpoints should find the new server. It might take some time until they notice that the old one is gone (what is your updating interval) but rather sooner than later at least some connect. There might be a simple explanation that I'm missing - right now only rather complex scenarios come to my mind.

Can you tell what has changed and what not? You have additional SUMs and they automatically found the new server? Definitely no firewall involved - client, server, or network (sounds crazy when SUMs and your computer can communicate - but nowadays this can be very complex and not too long ago preparing for migration I tripped over missing/incomplete rules, one on the server and one between network segments).

Christian

Hi Christian,

I don't think they are going to find the server, the last message time for the ones migrated over is the 28th. So i am a bit stressed as you can imagine! Thankfully i tried first with one of our older machines with only a handful of clients still connecting to it. 

With regards changes, nothing has changed, i kept the old hostname and ip address, i took the other one down for the migration. When you say additional SUMs? I don't know what you mean by this? I added the same as what was on the previous server and that is working fine. 

I have checked with our networks team and they have verified the ports are all open. here are no firewall or access lists blocking it from the network side. Any computer i run an nmap from shows the ports open. My firewall is configured the same as it was on the old server exactly, t. The only error message i see in the router logs, when i try update now on any of the hosts  from the console is the cobra error i mentioned before, i have even turned on the verbose logging which i saw you recommend to someone else, in another post but it really doesn't tell me much else. 

I have been reading these forums the past few days and i have followed a lot of steps but nothing seems to check out for me. :(

Hello Fiona Johnson,

I thought you were referring to SUMs with the update managers are working.

when i try update now
Caught cobra system exception doesn't tell more than An error occurred. It's very unspecific, at best you can guess from the preceding lines what it's about. Update now is a command that is either sent to the endpoint's port 8194 if the connection exists or enqueued on disk to be sent later in response to a message from the endpoint. I can't say whether the corba error is triggered by the command and what it signifies, and whether the preceding lines would give some insight.

It's probably more productive to start with an endpoint's Router log.  

Christian

Hi Christian,

Stupidest solution ever. It turns out these machines were pointing to a Sophos server which was built and retired before my time here. its old hostname and ip were pointing as an alias to my server. Once i added that ip address in as a secondary interface, bingo they all started reporting in.

Sorry for troubling  you!

Hello Fiona Johnson,

good to hear it works.
Should have mentioned the "even older server" scenario. Might add that it depends on the original mrinit.conf. Normally it contains IPv4,IPv6,FQDN,NetBIOS. NetBIOS is always there, the rest depends. Endpoints try these "addresses" in the specified order. To redirect from an old to a new server an FQDN alias is sufficient (provided none of the old IP addresses can be contacted). I had an endpoint that spent more than five years who knows where (it was a desktop machine). Then one day it suddenly reappeared - finding the server with a CNAME chain. Server had been migrated twice in the meantime. It reported the old updating policy (with a path that no longer existed) and update failures. Forcing policy compliance it updated with the next check.

Christian   

Thanks so much, i have 2 more servers to do and these ones have a lot more clients on them, so appreciate the insight. 

Thanks so much, i have 2 more servers to do and these ones have a lot more clients on them, so appreciate the insight.