This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Migrate Enterprise Console (v5.2) or start again from scratch?

Hi all

We have a total of 35 PC's / Servers in our company. The server currently hosting Sophos Enterprise Console (Server 2003) is about to be retired and a Server 2012 VM will be taking over.

My question is... do I migrate the current Enterprise Console to the new server as per these instructions: http://www.sophos.com/en-us/medialibrary/PDFs/documentation/sec_52_mgeng.pdf

Or would it be easier to start again from scratch and completely reinstall the console and endpoint security?

Thanks in advance,
Adam.

:54553


This thread was automatically locked due to age.
  • Hi,

    I would suggest that if you're not too interested in the previous alert history it may be as easy to start again with a fresh installation.

    To save having to protect the computers again though I would do as follows:

    1. Export the certauthstore registry key from the old server and import this into the registry of the new server, ensuring wow6432node is observed.  

    The key is under:

    HKLM| software | Sophos | certification manager | certauthstore

    on the new 64-bit computer it will go to:

    HKLM| software | wow6432node | Sophos | certification manager | certauthstore

    I would suggest just updating the export .reg file with notepad to add in the wow6432node.

    2. Install SEC 5.2.2 on the new server.  
    Note: Importing the cert of the old server before installing will mean the resulting certificate will mean endpoints will still trust the server.

    3. Comfigure SUM to update and create the necessary CIDs from the subscriptions you require.  Create any groups you want to put clients into on the new server and create and link policies as required.

    4. Take a copy of mrinit.conf  from the new server, you can find it in the Enterprise Console directory or in any CID created and copy it to the old server.

    5. On the old server copy the mrinit.conf from the new server to the CID that the clients are using.  Copy it to the rms sub-directory of the CID. e.g.

    \\[OriginalServer]\SophosUpdate\CIDs\Sxxx\[package name]\rms\mrinit.conf

    Run ConfigCID against the old CID, to add the new mrinit.conf to the cidsync.upd file.

    Details on ConfigCID here: http://www.sophos.com/en-us/support/knowledgebase/13112.aspx

    6. On the next update, the clients updating from the old CID will pull down the "new servers" mrnint.conf from the old CIDs.  RMS on the clients will be configured to point to the new server.

    7. The clients should start to show up in the new console and you can create and move them into required groups.

    8.  The clients, now managed by the new server can be sent the correct updating and SAV policies.

    Hope it helps. 

    Regards,

    Jak

    :54559
  • Thanks Jak, much appreciated!

    Regards,

    Adam.

    :54577