After DB migration and new SEP install, the client cannot get update (green dot)
Created: 23 Feb 2010 | Updated: 22 May 2010 | 8 comments
This issue has been solved. See solution.
Hi All,
I’ve just successfully migrated my SQL Server (SEM5) Database into new database server, what I wanted to achieve is to totally migrate the SEP Mgr. and its database into new server. I'm using Windows Server 2008 Std. x64 , SQL Server 2008 Std. x64 and SEP 11.0 MR5
After the database migration, I install the SEP mgr. as new install and then by pointing to use the existing SEM5 DB instance in the new server it works OK, but then all of the client still trying to connect to the old server ?
According to a posting in the internet somehow I must replace the sylink.XML in all of the client installation ? how can I do this for all of the client in my organization ?
Thanks,
Albert
Discussion Filed Under:
Comments 8 Comments • Jump to latest comment
use the sylink remote tool
https://www-secure.symantec.com/connect/downloads/sylinkreplacer-tool-connecting-sep-clients-sepm
there is a pdf read it.
when you installed new sepm, if you replace the certificate your clients should communicate, which document did you follow, ? this one?
https://www-secure.symantec.com/connect/forums/moving-endpoint-protection-management-another-server
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
In order to replace the sylink you can use Sylink Replacer or Sylink Remote
If you have the server certicate and keystroke.jks then follow the section for Restoring the server certicate and the Restoring client commuincation from the kb given below
Prachand MCSE-2012 Symantec Technical Specialist (SCTS)
I missed the link..
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007082112135948
Prachand MCSE-2012 Symantec Technical Specialist (SCTS)
Are you able to provide same IP address and host name to new SEPM?
If yes do a disaster recovery according to below doc
Best Practices for Disaster Recovery with Symantec Endpoint
Protection
If no go ahead with sylink replacer as told by earlier posters.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Hi Aravind,
The IP address is the same, but the server name is different.
Perhaps i can just create a CNAME for this matter ?
/* Infrastructure Support Engineer */
If your IP address is same change the computer name to old name restore the certificates as per that doc followed by the database restore and reconfigure the server all the clients should come back.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
OK, here's an update for this case:
TROUBLESHOOTING STEPS :
1. Suggested to copy the server private key backup from the old server so that it can be replaced it.
2. Imported the old server certificates.
3. None of the clients came online.
4. Used sylink replacer, and only able to fine only about 5 of the 40 clients
5. Suggested to use sylink drop
6. I used the silent switch on the sylink drop with GPO and updated 2 clients.
7. Confirmed that the clients are communicating with the manager.
RESOLUTION PROVIDED : Replaced Sylink on all the clients.
/* Infrastructure Support Engineer */
so it is a mixed of solution to make it communicate again with the client.
the GPO startup script is to replace the sylink.xml file in every client.
/* Infrastructure Support Engineer */
Would you like to reply?
Login or Register to post your comment.