Change computer name ti SGN Server 8

Hello SGN Support team,

Simple question:

I have to change computer name to a SGN Server with

SG Enterprise Database
SG Enterprise Server
SG Management Server

are there any issues or specific procedure to follow, or can I simply change it from system properties?

Any settings to change on Safeguard Enterprise Client?

Thanks and kind regards,

Enrico

  • Hi  

    When renaming a computer with SafeGuard Enterprise installed, you must follow a specific order of steps to avoid side effects.

    Please note that changing the machine name will reset the UMA assignment.

    For BitLocker encrypted machines, procedure is as follows

    1. At Windows, log in with an administrative account.

    2. Change the computer name but DO NOT restart the machine afterward. You can check AD to ensure that the name change was successful.

    3. Synchronise the client with the SafeGuard Enterprise server to ensure that the connection is correctly established (check system tray icon). 

      No files will be transferred, this check is done to make sure that the client can still synchronize to the SGN backend.
    4. Restart the computer.

    5. At Windows, switch user and log into SafeGuard Credential Provider 'Other User'.

    6. Refresh the Management Center, the machine name displayed will change to the new one.

    For SGN VBE machines, the procedure is the same except for Step 1. At POA you need to disable/ uncheck 'Pass through to Windows' so that you can log into Windows with an administrative account.

    Please note that the computer key name will not be changed, it is resent to the SafeGuard Enterprise backend with the old machine name. This means that in the event of recovery, you must use the old machine when searching for keys. Best practice is to use the key GUID instead, as it is unique.

    Further information on recovery can be found in the knowledgebase article SafeGuard Enterprise: Recovery scenarios.

    Hint:

    This KBA is not valid for Mac OS X client with SafeGuard Enterprise installed. To get the new NetBIOS name displayed from a Mac client, you need to perform one Mac terminal command "sudo sgdeadmin --update-machine-info"

    Note: If this is what you are looking for.

  • I fear this will not be as simple as you think as the certificates Sophos SafeGuard uses will be in the old server name and the SSL will be mis-matched. This will prevent clients talking back correctly to the server. 

    I created a whole new infrastructure for my "new" setup, but used the same company cert. That way my old clients could be reconfigured to the new server fairly easily.

    The client will need the new certs from the new/renamed server - and a new configuration file will have to be issued and installed on each client too.

    Is this a large setup and why does the server HAVE to be renamed? This could be quite a bit of hassle if it's just an aesthetic thing?

    From what you're suggesting I would recommend a new setup to be honest....

  • In reply to Haridoss Sreenivasan:

    Hello Haridoss,

     

    thanks for your reply, but probably I was not very clear because you show me the solution to rename Client Machines.

    Kind regards,

    Enrico

  • In reply to EnricoGiac:

    Hi  

    My bad I thought the query was on the Client machine. If it is the SGN Server that you are trying to rename, Is it just the name change? and will the IP address be same?.

    Assuming that the IP address will not change and it's just a name change in the server. Please follow the instruction below:

    In order to change the hostname of the SGN server you will need to complete the following:

    1. Rename the server to the new name you desire
    2. Uninstall the server configuration package
    3. Uninstall the server package
    4. Uninstall the Management Centre
    5. Re-install the Management Centre (ignoring the message about config files existing)
    6. Re-install the server package
    7. Re-register the server
    8. Create a new server configuration package
    9. Create a new client configuration package
    10. Install the new server configuration package
    11. Check for iusr in IIS and make sure the invoke test does not fail
    12. Install the new client configurations

    The reason for this is because the computers have to know what the name is of the server they're trying to get their policy updates, etc. from.....

    Let me know if this helps resolve your query.

  • In reply to MichaelMcLannahan:

    Dear Micheal,

    Thank you for your reply. I'm goint to change the name of the server because it will be moved to another location and I would like to respect the naming convention.

    Surely I will change the IP address of the server, but I suppose IP address is not an issue, doesn't it?

    Kind regards,

     

    Enrico 

  • In reply to Haridoss Sreenivasan:

    Hello Haridoss,

     

    thanks a lot for you kind help. I will also have to change IP address for the reasons I explain to Micheal.

    Any further steps to perform because of the IP change?

     

    Thanks and kind regards,

    Enrico

  • In reply to EnricoGiac:

    Hi Enrico, 

    In case of IP address change, you will still follow the above-mentioned steps and just make sure that the DNS server recognizes the new server name.

  • In reply to Haridoss Sreenivasan:

    Haridoss, What if it is just an IP address change? Matthew
  • In reply to matthew kester:

    As long as certs have been issued with the correct DNS name and this hasn't changed, and IP address change shouldn't matter.

    Assuming of course DNS servers are working as they should and the change has been propagated?