Video Screencast Help

Disaster Recovery for Symantec Endpoint Protection Manager 12.1.x with existing SQL Database

Created: 16 Jun 2014 • Updated: 22 Aug 2014 | 11 comments
Language Translations
Shulk's picture
+4 4 Votes
Login to vote

Issue

The SEPM server needs to be reinstalled and reconnected to its existing SQL Database.

Solution

Note: Only the screen shots for the most important steps are shown.

Note: The Database username and password is needed during the reinstallation. Make sure to know it before performing the below steps. This is not the same account as the SA account.

##############

(!) IMPORTANT: Make sure to have a Database backup before reinstalling the SEPM.

##############

  1. Save the recovery file from the Server Private Key Backup folder located in the SEPM installation folder (default: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager).

    Note: The recovery file is needed to restore the certificate and therefore communication. It includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. After you install the management server, copy the compressed recovery file to another computer.

  2. Start the uninstallation process and uncheck the "Remove the database during uninstall" option before clicking Next.

sepm_0.png

  1. Reboot the server to finalize the uninstallation (required).
  2. Run the SEPM installation from the media folder.
  3. Make sure to use the same settings as the previous installation, select the option to “Use a recovery file to restore communication with previously deployed clients” and browse to the good certificate file saved previously in step 1:

01.png

  1.  Select the appropriate parameter:

02.png

  1. Select “Install an additional management server to an existing site”:

03.png

  1. Go through the server settings.
  2. Confirm the path for the SQL Server Client, enter the Database password and click Next. The information that the management server name already exists will be pop up, confirm by clicking Yes to complete the process:

04.png

  1. Once the initialization of the Database complete, the SEPM server is up and running again.

The SEPM is now reinstalled and the data and configuration has been restored from the database.

Note: It may take a few minutes before the SEP clients appear online again. That will depend on the communication settings in place.

Comments 11 CommentsJump to latest comment

Outrageous's picture

So Shulk this will enable the clients to come online as per the heartbeat interval ? 

Secondly apart from this are we required to perform some additional steps as well ?  Thanks 

0
Login to vote
Shulk's picture

Hi Outrageous,

Yes, this will allow the previously connected clients to restore the connection with the 'new' SEPM thanks to the recovery file import, step 5.

In that case scenario of simply having to reinstall the SEPM, no other steps required.

0
Login to vote
Outrageous's picture

Shulk could you please also share the screenshots if we perform a DR on a new machine with the same version of SEPM and DB Backup but the machine is diffrent having the same IP ans hostname ? would the clients come back online without any mantual intervention ?

0
Login to vote
Shulk's picture

Hi Outrageous,

You are talking of a normal Disaster Recovery procedure here, right? If the new server that will host the SEPM has the same IP@ and hostname, the clients will reconnect to that SEPM without any issue as long as the DR procedure is respected.

The most important about the client-server communication is the recovery_2014-XX-XX-XX-XX-XX.zip file located in C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup.

This file has to be used when installing the new SEPM server to restore the communication with the existing clients.

Does it answer your questions?

0
Login to vote
Outrageous's picture

Yes sort of Shulk, which right recovery file to use if there are multiple files located in SEPM/Server Private Key Backup the one with the latest timestamp ? 

Secondly basically the backup that would be used  of the old machine was on SQL instance running on a diffrent machine 

On the new machine I will install the same version of SEPM which will use the recovery file saved of old SEPM will create a new SQL server instance on a new SQL server once the installation is complete will simply restore the backup of old SEPM and endpoints would start connecting automaticially ?

0
Login to vote
Shulk's picture

Yes, you should use the recovery file with the latest timestamp.

Then when installing the new SEPM, you simply have to configure it to connect with the newly created SQL server.

And yes, the clients will reconnect automatically if the recovery file has been used and if the Hostname or IP@ are the same.

Check that KB article that explains how to move a SEPM to a new server:

http://www.symantec.com/docs/TECH104389

0
Login to vote
Kartheepan's picture

Hi,
I am new to Symantec and have been enthrusted with migration of SEPM from Win2k3 server to Win2008 server. I have requested for the new server with the same name and IP of the Win2k3 server to implement DR. Can you let me know if i can follow the above DR process and also let me know the process to follow for a worst case scenario if DR process fails (touchwood). 
 

Also in the Management server Configuration Wizard do i have to use Install Additional Management server to an existing site when installing SEPM on the new server ?

 
Note : We use a Embedded SQL server in our environment.

0
Login to vote
SecurityGIV's picture

Hello,

I would like to refresh this subject. This article is not fully clear for me.

Lets say that my SEPM server crushed (only SEPM server, database I have in diffrent loaction). I have prepared new server with the same IP address and host name. My SQL database is in good condition, so I would like to connect to my existing DB.

Steps to do on fresh machine:

1) Install SEPM from cd/dvd or installation files with backuped recovery files,

2) Configuration wizzard:

Database step - how can I connect to my existing DB  if on this screen there is no question like type DataBase name? or there is?

What is exactly: SQL server client folder? This is the path where my sql database is keept (so path to separated server in my case)? 

I'd like to do Disaster Recovery test in my environment.

thanks in advance

0
Login to vote
Shulk's picture

Hi,

The database information are on the last screenshot. There you should enter the server name hosting the SQL instance for the sem5 DB, as well as the username and password for the sem5 DB.

The SEPM needs to communicate with the DB the SQL Server native client (bcp.exe) that must be installed on the same server as the SEPM, see bleo article on how to install it:

http://www.symantec.com/connect/articles/how-install-microsoft-sql-serve...

0
Login to vote
SecurityGIV's picture

Thank you Shulk. Seems now clear enought. One thing I was wondering, why SQL Server native client (bcp.exe) is not installed with SEPM application or it is? 

0
Login to vote
Roshan77's picture

Hi Shulk,

Could you assist me to do a disaster recovery of my existing SEPM 12.1.6 MP1. My issue is, my admin login is suspended, and the existing email server settings in the SEPN is no alonger valid. (we changed iur email host)

Since the passwordreset.bat is no longer a solution for 12.1.x version, I would rather appreciate if your could give me the steps. Do I really need to know the database password as such?

Roshan

0
Login to vote