cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

Team,

We need to move around 150 clients from one ePO to another ePO.

Both the ePOs are in different domains

ePO version is 5.3.2

If I give an example

1. we have around 150 systems with DE 7.1.3 installed and communicating with ePO B

2. We have two ePO servers ==> ePO A and ePO B

3. these systems have the DE installed and managed from ePO B

4. however these 150 systems now have to be managed from ePO A as we have disabled the communication from these clients reporting to the ePO B

5. As of now we cannot enable the communication from these clients to the ePO B for security reasons

6. But need these 150 clients to be managed by ePO A  with the Drive Encryption working fine as configured

Is it possible to build a plan to migrate these clients to ePO A with their related MDE configurations (recovery keys…) working properly as before ? provided both the ePOs are in different domains?

If it is possible please assist to share some action plan how we can proceed further to achieve our goal

we have quite a few articles however they can help in case we have the same domain

Please advise if it is possible at all

thanks

3 Replies
Highlighted

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

Team,

Cane we get some response to the above query

Thanks in advance

Highlighted

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

I did a successful migration of about 500 encrypted systems from 1 ePO server (4.6.8) in one forest to another ePO server (5.3.2) in another forest. The other hitch was that the systems and users themselves were also being migrated to a different forest. I think your scenario is actually a little bit easier.

Long story short - Register the AD domains as Registered Servers. Enable System transfer via Web-API. As long as the ePO server can find the already assigned users in Active Directory, it will "ship" them back up to ePO and assign them to the leafNodes.

Take a look at the System Transfer feature that was introduced with McAfee Drive Encryption 7.1.3 and up.

On the new ePO 5.3.2 server , I enabled DE System Transfer via the following web-api command:  https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?enable=true

The following commands will be useful also.

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?maxUsers=30

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?serverType=epo

https://ePOserver:8443/remote/eeadmin.listRegisteredServers?serverType=ldap

https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?searchOrder=3,4,2

Highlighted

Re: Migrating DE 7.1.3 clients from one ePO to another ePO in different domain

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community