Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 8154 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Install new Server with Enterprise Console and manage all preview Endpoints

FFN

Hi

I'd like to install the Sophos Enterprise Console 5.2 on a new VM. After the new clean installation with local DB I'd like to configure the console with new policies (new exclusions etc.). I don't like to move all the old stuff like described in this guide:

http://www.sophos.com/en-us/medialibrary/PDFs/nonindexed/sec_50_mgeng.pdf

Because then I will have all the old sins ;) in my new clean installation.

So far so easy. But now my question: Is it possible to easy add all the endpoints (more then 400) previously managed by my old enterprise console into the new installed enterprise console? And how?

I tried it the way described in the guide (link above), by just right click "protect". But this didn't work.

:40417


This thread was automatically locked due to age.
Parents
  • 0

    QC: As you've mentioned DFS - are you thinking of letting the new server write to the same location as the old one and thus effecting the switchover? If so, how will you test?

    FFN: Yes, my plan was to use the same DFS Share for the new server. But this can’’’’t be a problem, because I never user both server at the same time. I stop the services on the old server and start the new server. So there will never be 2 server using the same DFS share.

    QC: Having 2 SUMs write to the same location is calling for troubles. If you use different locations then you'd have to tell the clients to use the new one. As they are still managed by the old one this has to be done from there.

    But this is contrary to what you said before. I tell the old server to use the new update share (configured in the new server), so in this moment I’’’’m going to have 2 servers using the same share!

    QC: When RMS is installed on the client for the first time it makes note of the server's identity and also gets instructions how and where to reach the server (by means of mrinit.conf).

    FFN: But then I have no chance to install a new server. Because the only one who can edit this mrinit.conf is the old server, because this server manages all endpoints. So how do I tell the endpoints to listen to the new server via the old server? This seams to me impossible?!

    QC: A client appears as managed in the console only when it establishes connection with the server. As written above two conditions must be met:

    1. the update location must contain the appropriate mrinit.conf

    2. the server must have the same identity

    Of course a client communicates only with one server at a time. You can manage it only from the one where it appears as managed and connected.

    (it does not disappear from the old when it connects to a new one).

    FFN: So whats your succestion? What is the easiest way to solve my problem? New DFS Share, new installation on new server and just reprotect all clients?

    This morning I followed the migration guide 1:1, so I’’’’ll have the exact same on the new server. BUT this din’’’’t work out so well. I can start the console and I can see everything. But its frozen. I can’’’’t click anything. After a while I found out, that this error message is shown (was not a message in front of everything):

    http://www.sophos.com/de-de/support/knowledgebase/53965.aspx

    :40585
Reply
  • 0

    QC: As you've mentioned DFS - are you thinking of letting the new server write to the same location as the old one and thus effecting the switchover? If so, how will you test?

    FFN: Yes, my plan was to use the same DFS Share for the new server. But this can’’’’t be a problem, because I never user both server at the same time. I stop the services on the old server and start the new server. So there will never be 2 server using the same DFS share.

    QC: Having 2 SUMs write to the same location is calling for troubles. If you use different locations then you'd have to tell the clients to use the new one. As they are still managed by the old one this has to be done from there.

    But this is contrary to what you said before. I tell the old server to use the new update share (configured in the new server), so in this moment I’’’’m going to have 2 servers using the same share!

    QC: When RMS is installed on the client for the first time it makes note of the server's identity and also gets instructions how and where to reach the server (by means of mrinit.conf).

    FFN: But then I have no chance to install a new server. Because the only one who can edit this mrinit.conf is the old server, because this server manages all endpoints. So how do I tell the endpoints to listen to the new server via the old server? This seams to me impossible?!

    QC: A client appears as managed in the console only when it establishes connection with the server. As written above two conditions must be met:

    1. the update location must contain the appropriate mrinit.conf

    2. the server must have the same identity

    Of course a client communicates only with one server at a time. You can manage it only from the one where it appears as managed and connected.

    (it does not disappear from the old when it connects to a new one).

    FFN: So whats your succestion? What is the easiest way to solve my problem? New DFS Share, new installation on new server and just reprotect all clients?

    This morning I followed the migration guide 1:1, so I’’’’ll have the exact same on the new server. BUT this din’’’’t work out so well. I can start the console and I can see everything. But its frozen. I can’’’’t click anything. After a while I found out, that this error message is shown (was not a message in front of everything):

    http://www.sophos.com/de-de/support/knowledgebase/53965.aspx

    :40585
Children
No Data