Showing results for 
Show  only  | Search instead for 
Did you mean: 

epo 4.5 - server connection confusion

Just when you think you have heard it all...

epo 4.5 running great.

Migration planned to move server to new datacenter, image taken of server.

Joe Migrator starts server up in new datacenter while Prod epo server is still running. Yikes.

Last night I'm doing maint on prod epo server (shrink db, windows updates, etc..)...

Undetermined # of clients tried to connect to Prod epo, couldnt connect since it was down, somehow found the imaged server (new server name, new ip addr).  I am working on damage control. 

I dont see a log file specifying connection attempts to new server, is there one if log level was default?

When i try to do agent wake up call on "corrupted" client, they aren't talking since the client is looking for other server.

I'm guessing i need to do full agent reinstall or that one low bandwidth method of getting just the xml files updated.

I'm hoping to get a firewall log of connections to new server during maint on Prod server.

On imaged server, I saw a log file saying it couldn't connect to sql server, so that probably means its safe.

Anything else I'm missing or I should be aware of?

Thanks, Jon

2 Replies
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: epo 4.5 - server connection confusion

The connection attempts (to new ePO server) would be logged locally on each agent's logs. (\users\All Users\McAfee\Common Framework\DB\Agent_hostname.log)

Look for lines like this: Connecting to site: EPO_SERVER_IP_ADDRESS

You'll probably see errors connecting to the old server, then the agents will have tried connecting using the DNS name and NETBIOS name.

You would also see the agents communicating with the NEW ePO server in the NEW ePO server's logs: \Program Files (x86)\McAfee\ePolicy Orchestrator\DB\Logs\Server.log

Look for lines that look like this: "Received [PropsVersion] from HOSTNAME"

As far as pointing all your agents to the new ePO server (with new name and IP), the easiest was is to create a CNAME entry for the OLD server pointing to the NEW ePO server's DNS name and to make sure the IP of the old server does not respond on the network anymore.

Agents try to connect to the ePO server using the last known IP, then DNS name or NETBIOS name. If the old IP does not respond, they will do a DNS query for the ePO server name. By having a CNAME with the OLD server name, pointing to the NEW ePO server name, they will find their way to the new sevrer and establish a connection (assuming the ePO keys are the same, which they should if you used an imaging software).

Hope this helps.

Message was edited by: malware-alerts on 16/04/12 13:28:22 CDT

Re: epo 4.5 - server connection confusion

Awesome idea on the dns entry... Thanks !!! We are doing that and a restart of the frame service might make it go!

Thanks again!

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community