HELP! Migration to new Server & Upgrade SEC 4.0.x to 5.x

Hello Hendra,

first of all, kudos for your detailed description (but some important details are missing).

The latest version is 5.2 but you can only upgrade from 5.x.

Which version did you install on the new server (and is the server 2008 R2 SP1)?

Many client with an error status

... that hasn't been sufficiently dealt with, I assume. I might be wrong but it sounds like the existing installation has been somewhat "neglected" :smileywink:. If this is indeed the case you should contemplate building from scratch. Of course it depends on the amount of configuration done, whether it is worth to be migrated at all and whether the client history is required or not. Are there multiple sites or what is the reason for the two child SUMs?

650 clients is not that much and it's not a complex group structure as far as I can see. While perhaps a little tedious the time required to recreate it on a new installation is probably less than the migration effort. Looks like there's a fair amount of clients gone or never protected - about one third.

As for the install location - unless there is a very good reason to have it somewhere else you should use the defaults and the system drive. No need to use the same as on the old server - the database (to be exact, the location of the data files) is an exception if you intend to export/import it.

Can't say anything about NAC though (guess it's NAC Basic which comes with SEC). But there as well it might be less effort to start from scratch.

Last but not least, I see a SEC 4.7 folder - from an intended migration which has never been conducted?

Christian

Dear QC,

Thanks for reply..
If you need more detail, what should I give?

Well, the first time that I saw (before I signed) looks like it is, many folders are fragmented and there is also a folder sec_47, maybe they intended to be upgraded to version 4.7, but as you can see there is no upgrade process to complete.

Regarding the status of the many erros client, that is the problem, I'd love to manage a client error, but a lot of the Offline status. I was not sure would work well when the database in the restore or import from the old server to the new server, and surely there will be some issues that I will get, especially the problem of RMS.

So, what should I do if the status of the SEC and the client like it?
Do I need to do the install from scratch, such as the SEC and push install the client install one by one? or is there another suggestion?

Thanks.
Regards,

Hendra

Hello Hendra,

just to make sure, this is my personal opinion (and I'm not Sophos).

more detail

What - besides assessing the environment - you have done so far, i.e. which version you attempted to install on the new server (5.1?, then trying to import the 4.0 database and migrate there - or ...?). And which step failed and how (error message).

If it is possible to discover/find/import the endpoints and push (this can be done for any number with one call of the wizard) the install from SEC (what about the apparently remote sites?) or automate the install on the clients (is this a domain/AD environment?) it's probably better to start from scratch. You'll have a "clean" database with the endpoints that "behave", it might also resolve some of the issues. Knowing that a significant part works you can then tackle the problem clients. Guess it'd be less work in the new environment.

A slightly different approach is to use the same certificates on the new server, configure RMS in the new CID and from the old server point the clients (possibly per-group) to the new CID. Those which update correctly will "move over" (the will appear in the Unassigned group and you'd have to distribute them to the desired new groups).  BTW: are there clients which roam "outside" or are they always on the internal network?

Christian

Hello QC,

Sorry if my english is poorly understood by you.

1. which version you attempted to install on the new server? then trying to import the 4.0 database and migrate there - or ...?)

Yes, I will upgrade to version 5.2 and I have installed a new server, and I plan to restore the database only from the old server to the new server because the old SQL Server 2005 I have successfully upgraded to version 2008.

When I try to restore the database, it fails. See message below:...

C:\Program Files\Sophos\Enterprise Console\DB\Core>RestoreDB.bat c:\dbsophos40.b
ak

C:\Program Files\Sophos\Enterprise Console\DB\Core>SET backupFilePath=c:\dbsopho
s40.bak

Disabling access to the database ...

C:\Program Files\Sophos\Enterprise Console\DB\Core>sqlcmd -E -S "JKTAV02\SOPHOS"
 -d "master" -b -Q "IF EXISTS (SELECT name FROM master.dbo.sysdatabases WHERE na
me = N'SOPHOS51') BEGIN ALTER DATABASE SOPHOS51 SET OFFLINE WITH ROLLBACK AFTER
5 END"
Nonqualified transactions are being rolled back. Estimated rollback completion:
100%.

Restoring the database ...

C:\Program Files\Sophos\Enterprise Console\DB\Core>sqlcmd -E -S "JKTAV02\SOPHOS"
 -d "master" -b -Q "CREATE TABLE #backupSetInfo (BackupName NVARCHAR(128),Backup
Description NVARCHAR(255),BackupType smallint,ExpirationDate datetime,Compressed
 tinyint,Position smallint,DeviceType tinyint,UserName NVARCHAR(128),ServerName
NVARCHAR(128),DatabaseName NVARCHAR(128),DatabaseVersion INT,DatabaseCreationDat
e datetime,BackupSize numeric(20,0),FirstLSN numeric(25,0),LastLSN numeric(25,0)
,CheckpointLSN numeric(25,0),DatabaseBackupLSN numeric(25,0),BackupStartDate dat
etime,BackupFinishDate datetime,SortOrder smallint,CodePage smallint,UnicodeLoca
leId INT,UnicodeComparisonStyle INT,CompatibilityLevel tinyint,SoftwareVendorId
INT,SoftwareVersionMajor INT,SoftwareVersionMinor INT,SoftwareVersionBuild INT,M
achineName NVARCHAR(128),Flags INT,BindingID uniqueidentifier,RecoveryForkID uni
queidentifier,Collation NVARCHAR(128),FamilyGUID uniqueidentifier,HasBulkLoggedD
ata INT,IsSnapshot INT,IsReadOnly INT,IsSingleUser INT,HasBackupChecksums INT,Is
Damaged INT,BeginsLogChain INT,HasIncompleteMetaData INT,IsForceOffline INT,IsCo
pyOnly INT,FirstRecoveryForkID uniqueidentifier,ForkPointLSN numeric(25,0),Recov
eryModel NVARCHAR(128),DifferentialBaseLSN numeric(25,0),DifferentialBaseGUID un
iqueidentifier,BackupTypeDescription NVARCHAR(128),BackupSetGUID uniqueidentifie
r,CompressedBackupSize INT); INSERT #backupSetInfo EXEC('RESTORE HEADERONLY FROM
 DISK=N' + '''c:\dbsophos40.bak'''); DECLARE @backupsetnumber smallint; SET @bac
kupsetnumber = (SELECT TOP(1) Position FROM #backupSetInfo ORDER BY BackupFinish
Date DESC); RESTORE DATABASE SOPHOS51 FROM DISK = 'c:\dbsophos40.bak' WITH FILE
= @backupsetnumber, REPLACE, RECOVERY; DROP TABLE #backupSetInfo;"

(1 rows affected)
Msg 5133, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
Directory lookup for the file "C:\Program Files\Microsoft SQL Server\MSSQL$SOPHO
S\Data\SOPHOS4.mdf" failed with the operating system error 3(The system cannot f
ind the path specified.).
Msg 3156, Level 16, State 3, Server JKTAV02\SOPHOS, Line 1
File 'SOPHOS4' cannot be restored to 'C:\Program Files\Microsoft SQL Server\MSSQ
L$SOPHOS\Data\SOPHOS4.mdf'. Use WITH MOVE to identify a valid location for the f
ile.
Msg 5133, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
Directory lookup for the file "C:\Program Files\Microsoft SQL Server\MSSQL$SOPHO
S\Data\SOPHOS4_log.LDF" failed with the operating system error 3(The system cann
ot find the path specified.).
Msg 3156, Level 16, State 3, Server JKTAV02\SOPHOS, Line 1
File 'SOPHOS4_log' cannot be restored to 'C:\Program Files\Microsoft SQL Server\
MSSQL$SOPHOS\Data\SOPHOS4_log.LDF'. Use WITH MOVE to identify a valid location f
or the file.
Msg 3119, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
Problems were identified while planning for the RESTORE statement. Previous mess
ages provide details.
Msg 3013, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
RESTORE DATABASE is terminating abnormally.
SQL2008 Statement failed, try SQL2005 statement

C:\Program Files\Sophos\Enterprise Console\DB\Core>sqlcmd -E -S "JKTAV02\SOPHOS"
 -d "master" -b -Q "CREATE TABLE #backupSetInfo (BackupName NVARCHAR(128),Backup
Description NVARCHAR(255),BackupType smallint,ExpirationDate datetime,Compressed
 tinyint,Position smallint,DeviceType tinyint,UserName NVARCHAR(128),ServerName
NVARCHAR(128),DatabaseName NVARCHAR(128),DatabaseVersion INT,DatabaseCreationDat
e datetime,BackupSize numeric(20,0),FirstLSN numeric(25,0),LastLSN numeric(25,0)
,CheckpointLSN numeric(25,0),DatabaseBackupLSN numeric(25,0),BackupStartDate dat
etime,BackupFinishDate datetime,SortOrder smallint,CodePage smallint,UnicodeLoca
leId INT,UnicodeComparisonStyle INT,CompatibilityLevel tinyint,SoftwareVendorId
INT,SoftwareVersionMajor INT,SoftwareVersionMinor INT,SoftwareVersionBuild INT,M
achineName NVARCHAR(128),Flags INT,BindingID uniqueidentifier,RecoveryForkID uni
queidentifier,Collation NVARCHAR(128),FamilyGUID uniqueidentifier,HasBulkLoggedD
ata INT,IsSnapshot INT,IsReadOnly INT,IsSingleUser INT,HasBackupChecksums INT,Is
Damaged INT,BeginsLogChain INT,HasIncompleteMetaData INT,IsForceOffline INT,IsCo
pyOnly INT,FirstRecoveryForkID uniqueidentifier,ForkPointLSN numeric(25,0),Recov
eryModel NVARCHAR(128),DifferentialBaseLSN numeric(25,0),DifferentialBaseGUID un
iqueidentifier,BackupTypeDescription NVARCHAR(128),BackupSetGUID uniqueidentifie
r); INSERT #backupSetInfo EXEC('RESTORE HEADERONLY FROM DISK=N' + '''c:\dbsophos
40.bak'''); DECLARE @backupsetnumber smallint; SET @backupsetnumber = (SELECT TO
P(1) Position FROM #backupSetInfo ORDER BY BackupFinishDate DESC); RESTORE DATAB
ASE SOPHOS51 FROM DISK = 'c:\dbsophos40.bak' WITH FILE = @backupsetnumber, REPLA
CE, RECOVERY; DROP TABLE #backupSetInfo;"
Msg 213, Level 16, State 7, Server JKTAV02\SOPHOS, Line 1
Column name or number of supplied values does not match table definition.
Msg 3013, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
RESTORE HEADERONLY is terminating abnormally.
Msg 3250, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
The value '0' is not within range for the FILE parameter.
Msg 3013, Level 16, State 1, Server JKTAV02\SOPHOS, Line 1
RESTORE DATABASE is terminating abnormally.
Failed to restore

Enabling access to the database ...

C:\Program Files\Sophos\Enterprise Console\DB\Core>sqlcmd -E -S "JKTAV02\SOPHOS"
 -d "master" -b -Q "ALTER DATABASE SOPHOS51 SET ONLINE"

2. is this a domain/AD environment? Yes

3. what about the apparently remote sites? are there clients which roam "outside" or are they always on the internal network?

Yes, there is a client overseas (South China Sea) with 150 clients and 300 clients located outside the local network and the remaining clients in the local area.

That explanation from me, regarding the issue and an explanation of the database restore your inquiry.

Well Chris, is there any more details you wan to ask?

Thanks.

Hendra