cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
feblex
Level 7
Report Inappropriate Content
Message 11 of 23

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

Is there anyone here with experience on this?

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

I'm no expert, but I use it all the time to transfer machines back and forth between test and production.

Basically after you create an entirely separate install of ePO:

  1. On the old ePO server go to Configuration / Server Settings / Security Keys and press the edit button on the bottom right.
  2. Select the 2048 bit key and export it to disk. Repeat for the 1024 bit key.
  3. On the new ePO server import the 2 keys you just exported. This will allow the agents from the old ePO server to communicate with the new ePO server.
  4. On the old ePO server go to Configuration / Registered Servers and select new.
  5. Select ePO for the server type.
  6. After entering the approprate information use the Test Connection button to verify everything is correctly entered.
  7. Set your Policy Sharing and Client Task Sharing to your preference
  8. Set Transfer Systems to Enabled with Automatic Sitelist Import

You will see a warning about "To successfully transfer a system you must first import the agent-server key the system uses into the remote server." You can ignore this as that is what we did in steps 1 - 3.

You should now be able to use the transfer systems function to move the system(s) from the old ePO server to the new ePO sever. In my case I set it up in both directions and can move machines at will between my test and production severs.  Remember it takes a couple of agent to server communication intervals for the transfer to occur.

Hope this helps

-Dave

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

Did the documentation ever get published on how to do this correctly?

alexn
Level 14
Report Inappropriate Content
Message 14 of 23

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

gbays
Level 7
Report Inappropriate Content
Message 15 of 23

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

I'm in the process of writing a change order and a project plan to do the same thing.  We are upgrading our servers from 2003 to 2008 and I will also wait until you write the KB.  Thanks for all the good information.

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

I'm getting ready to move to server 2008 from server 2003 as well.  Just the front end console server - not the DB server at this time.  I've read thru the thread as well as some of these migration documents.  I chose to keep the same server name and IP - I'm building the new servers 'shell' currently and then will be importing policies, tasks, keys, etc this week.  Cutover will involve just taking the current EPO server offline, isolating on a different IP and name and keeping alive if necessary and then renaming the new ones to begin production services.  While this doesn't sound overly complex I just wanted to run this by the group and see if there would be any issues with this method.

thanks

feblex
Level 7
Report Inappropriate Content
Message 17 of 23

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

Hi jcain13, days after my last post on november 2012 i was able to migrate my ePO server just following this kb:

https://kc.mcafee.com/corporate/index?page=content&id=KB71078

So basically i changed from 2003 to 2008, 32 to 64 and also the server name all at the same time. Everything is working fine so far, besides what the kb says i had to rename the server in one of the apache configuration files because i was getting an error in the event viewer of windows regarding that and install the HDLP manager software on the server.

After the migration we have not experienced any issue, and basically we have done everything there is to do on ePO (chaging policies, tasks, system tree sorting, taging, reporting, dashboard, new extensions, etc...).

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

Feblex - Hi Again.

Did you also change any of the ports from default settings?  I've thought about this somewhat - at least changing the ports that can't be changed later.  Thanks for your info on the other parts of your migration.  Hopefully things go as well for me!  My DB is on a separate box so this is simply just the console and agent handler.

Thoughts?

feblex
Level 7
Report Inappropriate Content
Message 19 of 23

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

Having the DB on a separate box is great, i had it like that too so it was easier. About the ports, when i installed the new ePO i checked the ports configuration on my old one to match them before migrating. So i did not change any of the ports i was using on the old one. Also we were already not using all the default ports.

There is also another procedure to change the agent to server communication port after the installation.

Re: ePO 4.6.2 - From 2003 32bits to 2008 R2 64bits

good to know @feblex.  Thanks for all your info!  My upgrade is coming up soon so hopefully I've got everything set and ready to roll!

More McAfee Tools to Help You
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • Visit: Business Service Portal
  • More: Search Knowledge Articles
  • ePolicy Orchestrator Support

    • Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center