We need to move around 150 clients from one ePO to another ePO.
Both the ePOs are in different domains
ePO version is 5.3.2
If I give an example
1. we have around 150 systems with DE 7.1.3 installed and communicating with ePO B
2. We have two ePO servers ==> ePO A and ePO B
3. these systems have the DE installed and managed from ePO B
4. however these 150 systems now have to be managed from ePO A as we have disabled the communication from these clients reporting to the ePO B
5. As of now we cannot enable the communication from these clients to the ePO B for security reasons
6. But need these 150 clients to be managed by ePO A with the Drive Encryption working fine as configured
Is it possible to build a plan to migrate these clients to ePO A with their related MDE configurations (recovery keys…) working properly as before ? provided both the ePOs are in different domains?
If it is possible please assist to share some action plan how we can proceed further to achieve our goal
we have quite a few articles however they can help in case we have the same domain
Please advise if it is possible at all
I did a successful migration of about 500 encrypted systems from 1 ePO server (4.6.8) in one forest to another ePO server (5.3.2) in another forest. The other hitch was that the systems and users themselves were also being migrated to a different forest. I think your scenario is actually a little bit easier.
Long story short - Register the AD domains as Registered Servers. Enable System transfer via Web-API. As long as the ePO server can find the already assigned users in Active Directory, it will "ship" them back up to ePO and assign them to the leafNodes.
Take a look at the System Transfer feature that was introduced with McAfee Drive Encryption 7.1.3 and up.
On the new ePO 5.3.2 server , I enabled DE System Transfer via the following web-api command: https://ePOserver:8443/remote/eeadmin.enableSystemTransfer?enable=true
The following commands will be useful also.