OK, i have done everything i know of to either recover the data or mount the missing drive to no avail. Because i cannot cannot the the DB, i can not login to export the policies or master keys. What does this mean for the clients? Will i have to touch every one of them to reinstall the agent?
Sorry to hear you ePO server isn't functioning.
If you do not have a DB backup and a copy of your server keys, you will need to start from scratch.
Once you have rebuilt your ePO server from scratch cN I recommend you back up your Database using the tools included with SQL server, back up your Key Store Passphrase and export your server keys and store this with your backup. You should also take a server snapshot which takes all the file system objects such as all the repository contents and rights them into the Database on Blob format.
Once you have this strategy in place, provideding you backup your DB you can restore a failed app server from your DB backups with use of the Key Store Passphrase.
Sorry this doesn't help you in your current situation, but I hope it helps to prevent you getting into this situation again.
McAfee Volunteer Moderator
Certified McAfee Product Specialist - ePO
if the DB is lost, but the EPO Server itselft is available, backup the whole EPO Server directory.
The security keys are there stored.
The EPO CA and the security keys are generated through the setup process. With EPO 4.6.x i recoverd an EPO installation with this keys to get the McAfee Agent communication working again. This is tricky, but can be done. I have not tested this with EPO 5.x. so far.
If you are not able to restore the security keys, you have to reinstall any Agent on your endpoints.
Perhaps you might take a look at this KB article how a EPO CA can be rebuildet: https://kc.mcafee.com/corporate/index?page=content&id=KB75497&actp=null&viewloca le=en_US&showDraft=false&platinum_status=false&locale=en_US
I will copy the C:\Program Files (x86)\McAfee\ePolicy Orchestrator folder. So i spent the weekend rebuilding the drive and SQL cluster......
Now, i need to uninstall ePO. Delete the McAfee folder in C:\Programdata and any left over McAfee folder in Program Files (x86). For good measure, reboot the ePO server. This server is a hyper-v VM by the way. After the reboot, install ePO. After this, stop the ePO services and should i rename the ePO install folder and copy the "backed up" ePO folder into the new ePO install location? Start the ePO services and see what happens.
OK, i uninstalled ePO and rebooted the server. Reinstalled ePO. I then checked in VSE 8.8 patch 6, Site Advisor Enterprise patch 4 and mcafee agent 5.0.2 (linux, mac and enbedded) and associated extensions. I copied the entire McAfee folder before i uninstalled ePO->from there i found the master keys and copied them to the new install path then restarted the mcafee services. I see some clients making contact with the ePO server (yay!). Is there anyway to get the old client tasks from the copied Mcafee folder? In policy catalog->VirusScan Enterprise 8.8.0 > Access Protection Policies > My Default
anti-spyware maximum protection->prevent all files from running from the temp folder we had a bunch of entries in there. Is there anyway to recover all those entries in the copied Mcafee folder?
unless you export the policies, tasks and assignments to xml at some point in time, not really. They can't be recovered from the agent, that I know of.
On the subject of future catastrophy, with ePO 5.x you do a disaster recovery snapshot to the database. It copies all the important folders from ePo to the database. Then you back up the database.
If you had to reinstall, you could basically reinstall from the database it is a new option.