cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

Team,

We need to move around 150 clients from one ePO to another ePO.

Both the ePOs are in different domains

ePO version is 5.3.2

If I give an example

1. we have around 150 systems with DE 7.1.3 installed and communicating with ePO B

2. We have two ePO servers ==> ePO A and ePO B

3. these systems have the DE installed and managed from ePO B

4. however these 150 systems now have to be managed from ePO A as we have disabled the communication from these clients reporting to the ePO B

5. As of now we cannot enable the communication from these clients to the ePO B for security reasons

6. But need these 150 clients to be managed by ePO A  with the Drive Encryption working fine as configured

Is it possible to build a plan to migrate these clients to ePO A with their related MDE configurations (recovery keys…) working properly as before ? provided both the ePOs are in different domains?

If it is possible please assist to share some action plan how we can proceed further to achieve our goal

we have quite a few articles however they can help in case we have the same domain

Please advise if it is possible at all

thanks

3 Replies

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

Team,

Cane we get some response to the above query

Thanks in advance

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

I did a successful migration of about 500 encrypted systems from 1 ePO server (4.6.8) in one forest to another ePO server (5.3.2) in another forest. The other hitch was that the systems and users themselves were also being migrated to a different forest. I think your scenario is actually a little bit easier.

Long story short - Register the AD domains as Registered Servers. Enable System transfer via Web-API. As long as the ePO server can find the already assigned users in Active Directory, it will "ship" them back up to ePO and assign them to the leafNodes.

Take a look at the System Transfer feature that was introduced with McAfee Drive Encryption 7.1.3 and up.

On the new ePO 5.3.2 server , I enabled DE System Transfer via the following web-api command:  https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?enable=true

The following commands will be useful also.

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?maxUsers=30

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?serverType=epo

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?serverType=ldap

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?searchOrder=3,4,2

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community