Backup, Restore and Migrate Server Help

Firstly - I have always restored HKLM\Sophos\Certification Manager\ before installing the console (as articles 12366 or 28276 say) and never tried to change these keys in a running system. Maybe someone from Sophos can comment on it - ah, I see this has already been done. (BTW: using this procedure I can easily "switch" clients from one management server to another).

Secondly - you did not mention credentials especially the SophosUpdateMgr account. Depending on how you installed SEC4 you might not know the password. I the "recovery install" creates a new one it will not match the one in the updating policies.

Question: endpoints cannot connect to the database - I'm not sure I understand what you are saying here. You mean the clients do not "talk" to the management server (what makes you think so)?

We've been through a "near disaster" when the management server was hit by Conficker (it was due for replacement anyway since it had some "unknown issue" and refused installation of 2003/SP1). I was on paternal leave at this time Fortunately I had already installed a new management server (using the procedure mentioned above) with a fairly recent snapshot of the database installed. Groups were in place, updating policies pointed to the new server but of course not all clients were known (but drag-and-drop is no rocket science and it helped lowering the adrenaline levels :smileywink:). So it was just an alias in DNS and reconfiguration of the proxy directive for the WebCID) and all fell into place. 

Depending on your "disaster scenario" you might want to test some additional steps: changed server name(s) and/or IP-address and required DNS settings, firewall settings and of course install from scratch including any "fixes" (and their sources - are they avaiable if your server is gone?) you might have applied.

Finally - the SQL error was transient?

Christian 

Firstly - I have always restored HKLM\Sophos\Certification Manager\ before installing the console (as articles 12366 or 28276 say) and never tried to change these keys in a running system. Maybe someone from Sophos can comment on it - ah, I see this has already been done. (BTW: using this procedure I can easily "switch" clients from one management server to another).

Secondly - you did not mention credentials especially the SophosUpdateMgr account. Depending on how you installed SEC4 you might not know the password. I the "recovery install" creates a new one it will not match the one in the updating policies.

Question: endpoints cannot connect to the database - I'm not sure I understand what you are saying here. You mean the clients do not "talk" to the management server (what makes you think so)?

We've been through a "near disaster" when the management server was hit by Conficker (it was due for replacement anyway since it had some "unknown issue" and refused installation of 2003/SP1). I was on paternal leave at this time Fortunately I had already installed a new management server (using the procedure mentioned above) with a fairly recent snapshot of the database installed. Groups were in place, updating policies pointed to the new server but of course not all clients were known (but drag-and-drop is no rocket science and it helped lowering the adrenaline levels :smileywink:). So it was just an alias in DNS and reconfiguration of the proxy directive for the WebCID) and all fell into place. 

Depending on your "disaster scenario" you might want to test some additional steps: changed server name(s) and/or IP-address and required DNS settings, firewall settings and of course install from scratch including any "fixes" (and their sources - are they avaiable if your server is gone?) you might have applied.

Finally - the SQL error was transient?

Christian