This content has been marked as final. Show 3 replies
I'm doing a fresh install of EPO4 and moving clients from 3.6.1 to 4. Spoke to Mcafee and they advised not to export the policies from 361 to 4 - there could be some corruption. I found corruption problems when upgrafing groushield from 6 to 7 so am rather going to recreate all policies from scratch.
I did a fresh install yesterday on my test server. Everything seemed to be okay, but it was time consuming setting up the tasks and directory structure. All my test clients communicated to the server which was using the same IP and servername.
Today, I re-ghosted the test server back to the working EPO 3.61 server image. The 6 clients then refused to respond to any agent wake-up calls.
In the EPOAPSVR.Log it shows the following error
"Failed to find server key for signing" for each client not updating.
In the server.log I see the following error against each client
"Sending key request to WIN2K8156
mod_epo Failed to sign data package, hr=0
It looks like you can't switch back due to server keys. How can one fix that?
We can't take the risk of breaking the communication for over 1400 systems. The majority of the systems are in a workgroup environment preventing me from pushing an EPO agent to them.
I appreciate your answer about the EPO policies and possible corruption if importing into EPO 4.0 from 3.6.1.
they have the new key from epo4.0 and you can not switch back to 3.61 without those keys....its a new functionality in 4.0 for better security...you have to redeploy agents. I would always do a fresh install if you can.....it sounds like you have a small environment so it would not be too time consuming. Our upgrades generally go very well but if you have the time do a fresh install.