1 2 Previous Next 13 Replies Latest reply on Nov 4, 2009 10:04 AM by SafeBoot

    Moving MEE to new server

      Seems this could be problematic if not done correctly. We need to move our MEE console (V5) to a new server. New IP. New DNS.

       

      Do I simply follow the migration guide that comes with the upgrades? I'm sure there would be additional steps but cant find them detailed

       

      Any help appreciated

        • 1. Re: Moving MEE to new server

          There are a few ways to do it and many of them discussed around here in one way or another.  If you weren't also changing DNS, I'd say you'd probably be fine in just moving the box and getting your DNS entries updated to point to the new system, taking the old one offline.  Basically you need to get your client INI updated to check in with the new server and you can do that just about any way you please.

           

          One method I've heard people discuss is by adding a new merge INI to a file group that points to the new server.  On their next sync they'll get the update and start checking in with the database on the new server.  For a period of time though, with this solution, you'd have two databases online (one a copy of the other) and would miss at least one round of auditing as they check in with the old system and get the update to come to the new system.  You'll also need to run some reports to make sure no clients are still somehow checking in with the old box.  And don't forget to update your installer!

           

          If you have the luxury of time, you could point both DNS addresses to the current server & database and then you'd miss nothing as the clients got the new DNS address.  For example, let's assume today your clients connect to serverA.local and you need them to use serverA.newDomain.  You'd point both of those addresses at the current IP address, update the clients INI, and then when you're confident they're all using serverA.newDomain you could change the IP address and delete the old DNS entry.

           

          I would definately suggest engaging support if at all possible to make sure you have a solid and supported plan for your situation.  .

          • 2. Re: Moving MEE to new server

            I largely understand the options you've given. Step by step is what I'm after. Dont want to leave anything to chance.

            • 3. Re: Moving MEE to new server

              Can you provide a bit of background?  What's your timeline and how long can the old server be left online?

              • 4. Re: Moving MEE to new server

                Bit of history

                 

                Network have said it must have public IP. I''m keeping DNS. Needed to be done yesterday. Now just IP to worry about. Reckon it'll be simpler from here on. Just edit sdmcfg.ini to point to the dns not IP and create new install set for future clients yah?

                • 5. Re: Moving MEE to new server

                  If your clients are already connecting using DNS, then yep, much easier!  If you're using IP addresses now in your configuration, just update the SDMCFG.INI in the fileset and as the clients sync they'll get the new file and start syncing by DNS name instead of IP address. Make sure that your clients are configured to download files during the sync or the update will never come down.  Since you're using a public address now, I assume you want these clients to be able to sync while not inside the firewall -- make sure to use the FQDN (xyz.yourco.com) and not just a server name.

                   

                  If you need a step-by-step on updating the INI, let me know and I'll reply when I'm in the office and on the console - I'm home now.         

                  • 6. Re: Moving MEE to new server

                    Ah hell! Looks like we set it up for IP no dns initially

                     

                    So I rejigged the IP address. Edited the sdmcfg.ini to point to our server by dns name. changed the ip address on the server entry in the system tab to the new one and restarted the service.

                     

                    Created new offline install set and deployed. After restart the client did the usual creating "computername"  actually y'know what, heres the log

                     

                    -------------------------------------------------------------------------------- ----------
                    11/4/2009 10:42:06 AM    Starting Endpoint Encryption for PC Client Manager (v5.1.9)
                    11/4/2009 10:42:06 AM    Applying MBR fix
                    11/4/2009 10:42:06 AM    Starting synchronization
                    11/4/2009 10:42:06 AM    Connecting to database: "Transfer Database"
                    11/4/2009 10:42:06 AM    Path=SBXFERDB.SDB
                    11/4/2009 10:42:06 AM    Starting boot protection installation
                    11/4/2009 10:42:06 AM    Machine name = CER-3273
                    11/4/2009 10:42:12 AM    Creating new machine database entry
                    11/4/2009 10:42:13 AM    Group ID=0000006d
                    11/4/2009 10:42:14 AM    Machine ID=00000028
                    11/4/2009 10:42:23 AM    Checking for user updates
                    11/4/2009 10:42:23 AM    Adding user (ID=0000003c) administrator
                    11/4/2009 10:42:23 AM    Adding user (ID=00000019) helpdesk
                    11/4/2009 10:42:23 AM    Adding user (ID=00000027) recourse
                    11/4/2009 10:42:23 AM    Adding user (ID=00000001) SbAdmin
                    11/4/2009 10:42:23 AM    Checking for token data updates
                    11/4/2009 10:42:23 AM    Checking for SSO updates
                    11/4/2009 10:42:23 AM    Checking for Local Recovery updates
                    11/4/2009 10:42:23 AM    Checking for hashes updates
                    11/4/2009 10:42:23 AM    Not checking for file updates (offline database)
                    11/4/2009 10:42:23 AM    Finalising boot protection installation
                    11/4/2009 10:42:25 AM    Updating SBFS file "Bar.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Middle.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Stripe.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Bar.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Middle.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Stripe.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Bar.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Middle.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Stripe.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Graphics.ini"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Tahoma12B.pbf"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Tahoma18B.pbf"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Tahoma8.pbf"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Tahoma8B.pbf"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Logonbanner.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Options.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Recovery.png"
                    11/4/2009 10:42:25 AM    Updating SBFS file "Locale.ini"
                    11/4/2009 10:42:25 AM    Applying configuration
                    11/4/2009 10:42:25 AM    Starting remote access server on port 5556
                    11/4/2009 10:42:25 AM    Synchronization complete
                    11/4/2009 10:42:25 AM    Applying cryption changes
                    11/4/2009 10:42:41 AM    Starting synchronization
                    11/4/2009 10:42:41 AM    SbFs total space = 20879360 bytes (19.91 MB)
                    11/4/2009 10:42:41 AM    SbFs free space = 19611648 bytes (18.70 MB)
                    11/4/2009 10:42:41 AM    Pausing cryption
                    11/4/2009 10:42:41 AM    Connecting to database: "myservername"
                    11/4/2009 10:42:41 AM    Address=xx.xx.x.xx            -names changed to protect the innocent!
                    11/4/2009 10:42:41 AM    Port=5555
                    11/4/2009 10:42:41 AM    Authenticate=Yes
                    11/4/2009 10:42:42 AM    Error [db010010]: Object not found
                    11/4/2009 10:42:42 AM    Checking for user updates
                    11/4/2009 10:42:42 AM    Error [db010010]: Object not found
                    11/4/2009 10:42:42 AM    Checking for hashes updates
                    11/4/2009 10:42:42 AM    Transferring local audit information to database
                    11/4/2009 10:42:42 AM    Checking for file updates
                    11/4/2009 10:42:42 AM    Error [db010010]: Object not found
                    11/4/2009 10:42:42 AM    Applying configuration
                    11/4/2009 10:42:42 AM    Synchronization complete
                    11/4/2009 10:42:42 AM    Applying cryption changes

                     

                     

                     

                    The only info I can find on this error relates to a PDA server which we dont run. I can ping the box from the client and the firewalls good for it as I can telnet between the boxes on their relevant ports. What the hell?

                    • 7. Re: Moving MEE to new server

                      Are you sure you meant to do an offline installation?  If you do offline installations, you need to upload the SDB file into the database before it'll sync - I'm pretty sure that's why you're getting the Object Not Found errors.  If you do an online installation it'll connect to the database and create the object after the first reboot.

                      1 of 1 people found this helpful
                      • 8. Re: Moving MEE to new server

                        I'll give it a go

                        • 9. Re: Moving MEE to new server

                          Well thats gone and sorted my problem. Silly me. Created my original install set sooo long ago forgot which I opted for and why

                           

                          So all future machines will be looking in the right place. As for the old machines, do I manually change the sdmcfg.ini (tested and thats fine) or can I automate it somehow?

                          1 2 Previous Next