Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 29 replies
  • Subscribers 1 subscriber
  • Views 46851 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

moving local sophos DB to new extrnal DB Server

Roy Carlo Bago

Hi all..

we have sophos console 5.2, the plan is to upgrade to 5.4.1 then migrate to new server, then have the new server point to extrnal DB.

someone did the upgrade, and when i tried to migrate i faced an error during restoring backup DB as shown, you can see the existance of SOPHOSENC52.bac, i think it shouldn't appear as it is related to old version!, not 5.4.1!. what could be the problem here? shall i reupgrade the old server again?

 

and lets supose that the migration of sophos console 5.4.1 from win server 2008 to win server 2016 running SQL server 2016 was done successfully, then after migration we want to config that new server to point to an extrnal DB insted of local DB (moving local DB to external SQL server). they will give me that external DB instance and login account only.

what i understood is that i will modify registry values to point to that external DB:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\EE\ManagementTools\Database Installer

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\EE\ManagementTools\DatabaseUser

and then delete the local DB

please correct me because i really got confused at this step!.



This thread was automatically locked due to age.
  • 0

    Hello Roy Carlo Bago,

    first of all, the associated database names don't always contain the current version. Furthermore Encryption (SDE) has been withdrawn and SOPHOSENC52 is no longer used.

    Why 5.4.1 and not 5.5.0? Even 5.5.0 can't fully manage the current SAV 10.7 (5.5.1 should be out soon) but more important 5.4.1 doesn't support Server 2016.

    Whether you've actually used SDE or not you should follow Sophos Enterprise Console 5.4.0 - How to remove Encryption to prepare your old server for migration. Afterwards run DataBackupRestore.exe to back up everything. Install the new (5.5.0) Database component (or the databases manually) on the remote SQL server. Copy the database backups to the SQL server and use RestoreDB.bat to restore the old databases (specify the correct database names). On the new management server follow the migration guide, skip the database component install and restore. Install just the Sever and Console components of SEC, point to the remote database when prompted. Make sure the Database User has the necessary rights on the SQL server.

    Christian

  • 0 in reply to QC

    Hi Christian..

    thank you very much for your reply,

    i hope i can install 5.5.0 but they asked me they made a plan and tried to upgrade to 541!, i searched here and found 541 supports SQL2016, so do you mean windows 2016 insted?, i ran it on win2016 in my testing lab and it works.

    and for backup and restore DB, if i'm using the the tool DataBackupRestore.exe for backup at old server and restore at new server, then why do i need RestoreDB.bat?.

    and i understood that: i will be giving the 3 DBs (SOPHOS540, SOPHOSPATCH52, SOPHOSSECURITY) to the DB Admin guy, and get from him DB instance and user account sothat i can point to them during installing (console and management) on new server, so i'm expecting that the db user are in the same domain as the new server is so that it can be shown in domain or groups when prompt.

  • 0 in reply to Roy Carlo Bago

    Hello Roy Carlo Bago,

    do you mean windows 2016
    yes, SEC 5.4.1 is not officially supported on Windows Server 2016, doesn't mean it won't work though.

    restore at new server [with DataBackupRestore.exe]
    as you want the databases on a remote server you'd not restore them on the management server. DataBackupRestore.exe is in the Enterprise Console program directory - of course you (or your DB Admin) could copy the directory to the SQL server, DBR.exe simply calls TRS.bat which is in principle the same as RestoreDB.bat - the latter is part of the Database component.

    To repeat more clearly arranged:

    • remove Encryption from the old server
    • run DataBackupRestore.exe -action=backup
    • install the Database Component on the SQL server (optional but recommended, otherwise the databases must be manually created)
    • restore the 5.2 databases on the SQL server
    • run the SEC installer on the new management server deselecting the Database Component; point to the remote SQL server/instance when prompted
    • the Management Service will detect the old databases and migrate them to the new ones

    I've left out the detailed migration steps for the management server (e.g. restoring certificates). Note while the Guide describes a same-version migration an upgrade-migration is possible and at least semi-official.
    It sounds more complicated than it actually is.

    Christian

  • 0 in reply to QC

    Thank you Christian, i have an appointment tomorrow to this task.

    i will follow your steps and get back to you.

  • 0 in reply to QC

    Christian..

    i ran the tool backupdb.bat and got these error!, can you clarify what is wrong!

  • 0 in reply to Roy Carlo Bago

    Hello Roy Carlo Bago,

    backing up the new database? Is it local?

    Christian

  • 0 in reply to QC

    yes.. it is a test lab. even the udl file works!

  • 0 in reply to Roy Carlo Bago

    Hello Roy Carlo Bago,

    the first attempt fails as it gets an Access denied trying to write to the volume root. The backup location must be writable for the SQL Server.
    The second fails as you didn't specify the instance, just the server (and it would have failed with the Access denied as well).

    Christian

  • 0 in reply to QC

    i gave the db admin the full control.. it fails too!, where can i backup, i have only one volume, C:\

  • 0 in reply to Roy Carlo Bago

    Hello Roy Carlo Bago,

    AFAIK the backup task is executed with the rights of the SQL Server - not the user requesting the BACKUP DATABASE.

    Christian

Unfiltered HTML