Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Disaster Recovery for Symantec Endpoint Protection Manager 12.1.x with existing SQL Database

Created: 16 Jun 2014 • Updated: 22 Aug 2014 | 10 comments
Language Translations
Shulk's picture
+4 4 Votes
Login to vote

Issue

The SEPM server needs to be reinstalled and reconnected to its existing SQL Database.

Solution

Note: Only the screen shots for the most important steps are shown.

Note: The Database username and password is needed during the reinstallation. Make sure to know it before performing the below steps. This is not the same account as the SA account.

##############

(!) IMPORTANT: Make sure to have a Database backup before reinstalling the SEPM.

##############

  1. Save the recovery file from the Server Private Key Backup folder located in the SEPM installation folder (default: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager).

    Note: The recovery file is needed to restore the certificate and therefore communication. It includes the encryption password, keystore files, default domain ID, certificate files, license files, and port numbers. After you install the management server, copy the compressed recovery file to another computer.

  2. Start the uninstallation process and uncheck the "Remove the database during uninstall" option before clicking Next.

sepm_0.png

  1. Reboot the server to finalize the uninstallation (required).
  2. Run the SEPM installation from the media folder.
  3. Make sure to use the same settings as the previous installation, select the option to “Use a recovery file to restore communication with previously deployed clients” and browse to the good certificate file saved previously in step 1:

01.png

  1.  Select the appropriate parameter:

02.png

  1. Select “Install an additional management server to an existing site”:

03.png

  1. Go through the server settings.
  2. Confirm the path for the SQL Server Client, enter the Database password and click Next. The information that the management server name already exists will be pop up, confirm by clicking Yes to complete the process:

04.png

  1. Once the initialization of the Database complete, the SEPM server is up and running again.

The SEPM is now reinstalled and the data and configuration has been restored from the database.

Note: It may take a few minutes before the SEP clients appear online again. That will depend on the communication settings in place.

Comments 10 CommentsJump to latest comment

Outrageous's picture

So Shulk this will enable the clients to come online as per the heartbeat interval ? 

Secondly apart from this are we required to perform some additional steps as well ?  Thanks 

0
Login to vote
Shulk's picture

Hi Outrageous,

Yes, this will allow the previously connected clients to restore the connection with the 'new' SEPM thanks to the recovery file import, step 5.

In that case scenario of simply having to reinstall the SEPM, no other steps required.

0
Login to vote
Outrageous's picture

Shulk could you please also share the screenshots if we perform a DR on a new machine with the same version of SEPM and DB Backup but the machine is diffrent having the same IP ans hostname ? would the clients come back online without any mantual intervention ?

0
Login to vote
Shulk's picture

Hi Outrageous,

You are talking of a normal Disaster Recovery procedure here, right? If the new server that will host the SEPM has the same IP@ and hostname, the clients will reconnect to that SEPM without any issue as long as the DR procedure is respected.

The most important about the client-server communication is the recovery_2014-XX-XX-XX-XX-XX.zip file located in C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Server Private Key Backup.

This file has to be used when installing the new SEPM server to restore the communication with the existing clients.

Does it answer your questions?

0
Login to vote
Outrageous's picture

Yes sort of Shulk, which right recovery file to use if there are multiple files located in SEPM/Server Private Key Backup the one with the latest timestamp ? 

Secondly basically the backup that would be used  of the old machine was on SQL instance running on a diffrent machine 

On the new machine I will install the same version of SEPM which will use the recovery file saved of old SEPM will create a new SQL server instance on a new SQL server once the installation is complete will simply restore the backup of old SEPM and endpoints would start connecting automaticially ?

0
Login to vote
Shulk's picture

Yes, you should use the recovery file with the latest timestamp.

Then when installing the new SEPM, you simply have to configure it to connect with the newly created SQL server.

And yes, the clients will reconnect automatically if the recovery file has been used and if the Hostname or IP@ are the same.

Check that KB article that explains how to move a SEPM to a new server:

http://www.symantec.com/docs/TECH104389

0
Login to vote