this could be a challenge, because EPO generates ist own CA during Installation. This CA is used to generate any security keys for Agent communication and repository signing. Additional the IP address and the FQN Name of the EPO Server are stored in the McAfee Agent package. This is for security reason to prevent Man-in-the-middle attacks.
From my Point of view this could work, but i have never tested it.
- Install an EPO server and export any key.
- Backup the McAfee Agent Directory from your master repository
- Now remove the EPO Server.
The new EPO Server/Agent handler must have the same FQDN or IP.
- Import the backed up security keys to enable secure communication with this EPO server.
The second option could be to run a script where a new sitelist.xml file is imported.
Hope this helps,
After Troja has ansewerd the how, I still feel I should ask the "why". If a new datacentre is being built, is everything coming in new, or are you trying to connect some new servers to an existing ePO server that you are importing?
Fundamentally, MA's rely on the ePO server being in place for them to report in to. If the agent is deployed first with no ePO server to connect to, it's going to do...well, nothing.
Thanks Troja for the reply , i will try it.
Hi chrisakinika, basically the situation is little bit complex.the installation of ePO is planned later ,so we are planning to rollout the new servers with installed McAfee agents(McAfee ready ).
Why not setup an ePO now and do the client-rollout. When the new Datacenter is ready you install the new ePO there and do a transfer of the agents. When all clients have moved just shut down the old one and everything should be fine. Simpel as that and not a big deal at all.
yes Dan,that's what we are going to do now.