I am setting up a new EPO installation. I will have a Production EPO server and a Test EPO server. I am interested in being able to move clients between these two servers. Many of the clients I am moving will have Disk Encryption installed and therefore I need to be careful with the ASCI keys and use the Clinet Migration tool to move clients between the servers.
I am wondering, since I am starting from scratch, if I cant make ASCI keys on one of the servers and then just make the second server use the same two keys exclusively.
So I have Server A and Server B. Neither server have any clients currently. I will make 2 new ASCI keys on server A. Export them from Server A and import them into Server B. Then I will delete the default (original) keys from Server B. and set the keys from Server A ask the master keys on Server B. Both Server A and Server B will share the same 2 master ASCI keys.
Is that legal or do I need to keep all 4 keys -- 2 from Server A and 2 from Server B?
I'm aware of the KB articles which tipped me off to the need to share keys among the servers.
The articles assume that I have two populated EPO servers.
My question is, is there a need for the two servers that I will be moving client between to have their own ASCI keys or can a single set of keys be generated and then used on both servers. The articles mention needing to keep the number of ASCI keys on the servers small.
Is there any reason, when setting up two new servers with no existing clients, why I would not want to use the same ASCI keys on both servers so that in the future I can move the clients between the two servers without needing 4 keys (two from each server)?
If on one of the servers, you have no systems yet that are using any keys, you can import the keys from the server that has clients and then delete the original keys on the server without clients. You do not want to remove keys if agents are using them, otherwise you have to reinstall agents. Be sure to back up any and all keys first before doing anything. 4 keys are not excessive. KB82022 doesn't really specify how many is too many, but from experience, 4 - 6 can be quite normal in large environments.
Was my reply helpful? If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?