Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2093 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Enterprise Console move and upgrade

keith_co

We are currently running Enterprise Console 4.5.  we also currently run our Enterprise Console on the same server as our SQL Server

we would like to do two things:

1. Upgrade to the newest version of the enterprise conole

2. Move the management pieces off of the SQL Server and put them on their own server, while keeping the SQL database where  it is.

I see a lot of articles on upgrading current setups and such, but nothing to this level.  Any ideas on what steps to take to do this?

thanks

:27483


This thread was automatically locked due to age.
Parents
  • 0

    Hi

    From where you are now, to where you want to be and to follow tested supported documents, it would be easier to move everything over to the new server, as that is supported and then move the database role back.  I appreciate this sounds a bit backward but otherwise you need a bespoke solution for which there are many questions.  

    In trying to think of a shortcut hack, something like this might work:

    1. Move the certauthstore registry key.  This key is mentioned in the migration guide.

    2. backup the privatestore to XML (http://www.sophos.com/en-us/support/knowledgebase/111425.aspx)

    3. Uninstall Enterprise Console in total off the SQL Server leaving just the SOPHOS45 database attached.  The database will never be removed from the instance on an uninstall.

    4. Run the SEC 5.1 installer on the SQL server to generate the 3 new databases.

    At this point, all you have are:

    1) a SOPHOS45 database attached to the SQL instance.

    2) An XML file with the private store values and syncpoint data

    3) a cert reg key.

    4) The 3 new empty databases of SEC 5.1

    Then on the new server:

    1. Import the cert key to ensure the same certs are generated.

    2. Run the SEC 5.1 installer and add the console and server roles.  You can point the install at the SQL server.

    3. Once complete, manually run "upgradedb.exe -debug -sourceVersion=45" (http://www.sophos.com/en-us/support/knowledgebase/65420.aspx) to transfer the data from SOPHOS45 to SOPHOS51.  The management service will fail to start until you do this because of the state.  The application event log will tell you why.

    4. Import the prvatestore (http://www.sophos.com/en-us/support/knowledgebase/111425.aspx).  This will ensure that all the passwords in your polices can be interpreted by the management service, as the database just holds strings that reference the private store entries.

    Hopefully this will get you into a position where you then need to redirect the endpoints.

    http://www.sophos.com/en-us/support/knowledgebase/116737.aspx

    This might be one solution but I haven't tested it.

    Regards,

    Jak

    :27933
Reply
  • 0

    Hi

    From where you are now, to where you want to be and to follow tested supported documents, it would be easier to move everything over to the new server, as that is supported and then move the database role back.  I appreciate this sounds a bit backward but otherwise you need a bespoke solution for which there are many questions.  

    In trying to think of a shortcut hack, something like this might work:

    1. Move the certauthstore registry key.  This key is mentioned in the migration guide.

    2. backup the privatestore to XML (http://www.sophos.com/en-us/support/knowledgebase/111425.aspx)

    3. Uninstall Enterprise Console in total off the SQL Server leaving just the SOPHOS45 database attached.  The database will never be removed from the instance on an uninstall.

    4. Run the SEC 5.1 installer on the SQL server to generate the 3 new databases.

    At this point, all you have are:

    1) a SOPHOS45 database attached to the SQL instance.

    2) An XML file with the private store values and syncpoint data

    3) a cert reg key.

    4) The 3 new empty databases of SEC 5.1

    Then on the new server:

    1. Import the cert key to ensure the same certs are generated.

    2. Run the SEC 5.1 installer and add the console and server roles.  You can point the install at the SQL server.

    3. Once complete, manually run "upgradedb.exe -debug -sourceVersion=45" (http://www.sophos.com/en-us/support/knowledgebase/65420.aspx) to transfer the data from SOPHOS45 to SOPHOS51.  The management service will fail to start until you do this because of the state.  The application event log will tell you why.

    4. Import the prvatestore (http://www.sophos.com/en-us/support/knowledgebase/111425.aspx).  This will ensure that all the passwords in your polices can be interpreted by the management service, as the database just holds strings that reference the private store entries.

    Hopefully this will get you into a position where you then need to redirect the endpoints.

    http://www.sophos.com/en-us/support/knowledgebase/116737.aspx

    This might be one solution but I haven't tested it.

    Regards,

    Jak

    :27933
Children
No Data