cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Can I use DNS to point agents to a new ePO server?

Jump to solution
We are in the midst of transferring systems to our new ePO server. The old server is due to be retired at the end of the month. Is it best to change the DNS from the old server to the new one? Will an agent checkin to a new ePO server with a DNS change? Thanks in advance.
4 Solutions

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi @dhunt03 

Thank you for your Post! I am afraid a DNS change would not be helpful here.  It is due to the reason that the new Server has a new ePO that might just have a completely different set of Certificates for communication. The Agent talks to the epo only after authentication and hence when the agent tries to talk to the new ePO server, it is expected to fail owing to authentication issue(unless the New Server is a clone of the Old Server).

In general, We would recommend following the below procedure for a complete and successful migration of endpoint form one ePO to another.

https://kc.mcafee.com/corporate/index?page=content&id=KB88822

By following this KBA, we are ensuring that we migrate not just the systems, but the policies, tasks, reports and their assignments along with the entire System Tree structure is migrated! Please do let us know if this works for you!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Highlighted

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Thank you for the response. We ended up taking a snapshot from, from the ePO server being retired, of all endpoints and comparing them to the list in the new ePO server and sending agents to the ones that were missing.  This will be helpful in the future...

 

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi @dhunt03,

Thank you for your kind update! I am glad it all worked well for you! Kudos to you for keeping us posted on what worked for you 🙂

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi dhunt03,

DNS change is not going to affect the EPO to agent server communication. Agents will communicate using IP/Hostname/FQDN. As long as if your new EPO server has the same information, agents will still communicate. 

Secondly, when you say transferring system, did you perform system transfer between lower version to higher (EX : EPO 5.9 to EPO 5.10). 

OR

If you are just moving EPO from one server to another server, please follow the below article in future.

https://kc.mcafee.com/corporate/index?page=content&id=KB71078

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

4 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi @dhunt03 

Thank you for your Post! I am afraid a DNS change would not be helpful here.  It is due to the reason that the new Server has a new ePO that might just have a completely different set of Certificates for communication. The Agent talks to the epo only after authentication and hence when the agent tries to talk to the new ePO server, it is expected to fail owing to authentication issue(unless the New Server is a clone of the Old Server).

In general, We would recommend following the below procedure for a complete and successful migration of endpoint form one ePO to another.

https://kc.mcafee.com/corporate/index?page=content&id=KB88822

By following this KBA, we are ensuring that we migrate not just the systems, but the policies, tasks, reports and their assignments along with the entire System Tree structure is migrated! Please do let us know if this works for you!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Highlighted

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Thank you for the response. We ended up taking a snapshot from, from the ePO server being retired, of all endpoints and comparing them to the list in the new ePO server and sending agents to the ones that were missing.  This will be helpful in the future...

 

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi @dhunt03,

Thank you for your kind update! I am glad it all worked well for you! Kudos to you for keeping us posted on what worked for you 🙂

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: Can I use DNS to point agents to a new ePO server?

Jump to solution

Hi dhunt03,

DNS change is not going to affect the EPO to agent server communication. Agents will communicate using IP/Hostname/FQDN. As long as if your new EPO server has the same information, agents will still communicate. 

Secondly, when you say transferring system, did you perform system transfer between lower version to higher (EX : EPO 5.9 to EPO 5.10). 

OR

If you are just moving EPO from one server to another server, please follow the below article in future.

https://kc.mcafee.com/corporate/index?page=content&id=KB71078

Was my reply helpful?

If you find this post useful, please give it a Kudos! Also, please don't forget to select "Accept as a Solution" if this reply resolves your query!

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community