Endpoint Protection Small Business Edition

Hi,

I am trying to solve an issue I have.  I followed this doc on using the disaster recovery method to move my SEPM server (http://www.symantec.com/business/support/index?page=content&id=HOWTO16241&key=55357&actp=LIST).  Everything went fine, with the exception that none of the clients connect to the new server.  I found some articles on v11 to fix this, but didn't know if this is still the right method.

There is nothing in that document nor the linked documents about getting your clients to connect.  Can anyone help?  I have over 50+ users this is affecting so I need something I can deploy and not have to touch every machine manually.

Thanks,

See this KB - 

How to move the Symantec Protection Center from one server to a new server with a different host name and IP Address.

http://www.symantec.com/business/support/index?page=content&id=TECH98299&locale=en_US

Thomas

You link doesn't work.  However I have seen that thread before, and it is for version 11 and not for version 12.  It isn't supported to use the replication method as it supposedly causes issues down the road.  I believe at the end of that though they talk about using the sylink replacer.  Which is what I needed.

So AFTER following the Disaster Recovery Method, you must use the sylink replacer to get all your clients to reconnect. if you have moved SEPM to a new host with new IP.

I called tech support and got the tool.  Then ran it against my clients.  They are now reporting in.

Thanks.

Well, I have run into another issue.  Apparently when you install SEPM it grabs all IP's attached to the NIC.  Since I have 4 website on here, the sylink has 3 invalid entries and the old servers name and IP address in the sylink.xml file.

From what I can find it appears in 11.0 version you can simply edit this list in the SEPM.  However it appears in version 12 they have removed this ability.  Anyone know how to do this?

The link does work.  Not sure what the issue was.  It is also relevant to SEP 12.x, not SEP 11.x--in fact, it is a more detailed version of the document you referenced.

Anyhow, If you're using 12.x (you keep using SEPM which is throwing me off), there is no Management Server List capability in the SPC as there is no replication.  Does the correct value for your current SPC appear in the sylink.xml along with the invalid entries?

sandra

Thanks Sandra

You are correct the link is working, although I tried several times that day and I got a broken link, I tried again today and it does work.  It is a better doc than the one I referenced in that it contains all that I did in one doc.  I had to sort through at least 3 docs for that information.  Sorry about confusion in naming, SEPM makes more sense to me than SPC considering the first name is appropriate for what it does.

I discovered that the sylink.xml did have all valid IP's.  The issue was that it needed to be pushed to the clients.  The second issue is that I have multiple IP's on this server.  The sylink picks up all of the IP's that are on the NIC.  I brought this up with a technician last week (we have been on holiday since last Thursday), as this is not a good behavior.

We did two things to resolve which did not work.  1:  We modified the sylink.xml file and only left the single IP in it; 2: I removed the extra IP's from the NIC.

I turned the old server back on and the clients reconnected to it to get the updates they needed for now.  However I am left now with attempting to get this resolved.  I did not find any documentation stating that the software needs a single IP on the NIC, is this true?

Thanks, anyone have any more ideas?  Should I uninstall and go through the procedure again with a single IP?  Then re-add the other IP's I need for this server?  Or am I going to need to put it on it's own server?

Yeah, if you modify the sylink.xml, it's just going to be replaced with the one from the SPC.

I would expect that the client would go through the list of IPs until it finds one that works (which is what happens with a management server list).  Perhaps changing the binding order of the NIC so that the SEPM's is first, if the sylink.xml shows them in the order that they are bound. Otherwise I would suggest opening a case if you haven't already.

sandra

So after almost 3 weeks of troubleshooting we have finally solved this issues.  I wanted to post here so that others will not follow the same path that I have, and save you a lot of aggravation!

It turns out that Symantec posted this article about moving SPC 12.x from one server to another with different host names and different IP's.

How to move the Symantec Protection Center from one server to a new server with a different host name and IP Address.

This article should be renamed, "How to move the Symantec Protection Center from one srever to a new server with the SAME host name and IP address.

Copying the key file and restoring the database from backup ws the cause of all my issues!

The proper method is...

1. Install SPC on new server, creating a new database
2. Export custom policies from old server, & import into new server
3. Recreate computer groups if needed
4. Run sylink Replacer to point clients to new server

Done!

This worked for me right away.  The longest part was getting the sylink.xml replaced on all the clients.  You may be wondering, "if the database is blank how do the clients get added".  Once you replace the sylink.xml file and they contact the server they will tell the server what group they were in and it puts them back in.  Which is why you need to create they same computer groups that you had on the old server.

This solution was accomplished with Symantec technical support, so just so you understand I didn't come up with all this.  Hopefully this makes it inot a HowTo someday.

Hope this helps others.