Video Screencast Help

Need info on migrating from SEP 11.0.7200 to 12.1.4013

Created: 19 Nov 2013 • Updated: 10 Dec 2013 | 17 comments
michaelreinders's picture
This issue has been solved. See solution.

I have searched a bit on Symantec KB and forums but can't seem to find a definitive document.  Currently, we have our single management server running 11.0.7200.1147 on Server 2003 R2 (ServerOld).  We have approximately 3000 clients.

I have built a new Server 2012 R2 server (ServerNew) and have done the initial install of SEPM 12.1.4013.4013.  I'm at the Management Server Configuration Wizard where it asks for a new first site, an additional site, etc.

So, I'm not upgrading ServerOld because, well, it's old.  Are there any KB articles that directly explain this scenario?  If I do all new on ServerNew, I have to re-create a heck of a lot of configuraiton, not to mention re-point all 3000 clients to ServerNew.

Any help would be greatly appreciated!

Michael Reinders

Operating Systems:

Comments 17 CommentsJump to latest comment

Brɨan's picture

Check this document, I believe it fits your scenario

How to move Symantec Endpoint Protection Manager from one server to another server

padding: 1px;padding-bottom: 3px ;font: 12px Arial; text-align: left;">Article:TECH199292 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 0px;font: 12px Arial; text-align: left;">Created: 2012-11-02 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 1px;font: 12px Arial; text-align: left;">Updated: 2013-03-19 padding: 1px;font: 12px Arial; text-align: left;"> |  padding: 1px;font: 12px Arial; text-align: left;">Article URL http://www.symantec.com/docs/TECH199292

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

You can use either replication or disaster recovery methods to move the SEPM to another machine:

http://www.symantec.com/docs/TECH104389

http://www.symantec.com/docs/TECH148555

Basically replication requires you to have both machines online at the same time - data gets replicated, you set up new server as prio 1, old one can be disconnected.

Disaster recovery works on basis of backing up current SEPM and restoring the configuration etc on new machine.

Chetan Savade's picture

Hi,

Thank you for posting in Symantec community.

I would be glad to answer your query.

Please check this forum article it explains possible scenarios:

https://www-secure.symantec.com/connect/articles/hot-move-sepm-one-server-another-server

I can suggest to go with either Disaster recovery or Replication.

If IP and hostname will be the same then go with Disaster recovery.

OR

If new SEPM has new IP and hostname then go with the Replication.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

michaelreinders's picture

Thank everyone for their help.  Pretty much makes sense that replication should work.

A colleague mentioned the following:
-------------------------------------

We would install the same version of SEPM that we are running on a 2003 32bit OS, on a 2012 R2 64bit, I doubt that will work well or even at all.
-------------------------------------

Now, it's my understanding that the different architectures shouldn't matter.  SEPM itself is likely just a 32-bit app.  The product of course supports the different client architectures, but, having the same version of SEPM on a 32-bit server and a newer 64-bit server should be fine, correct?

Thanks again for your assistance!

Michael R.

Brɨan's picture

As long as you're on the same versions to do replication, that is all you need, regardless of architecture. SEPM supports both 32/64 bit

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Chetan Savade's picture

Hi Michael,

Replication can be an option.

If you wish to move SEPM from one machine to another with the help of replication, Replication is an option, decide whether to go or not.Because if you do replication and remove the old server that is the Primary SEPM, in future if you want to do replication you will not be able to do so.

In your case Server 2012 R2 can't do further replication if you removed SEPM installed 2003 Server machine.

Refer this article to find more info about replication:

Replication and considerations

http://www.symantec.com/connect/articles/replication-and-considerations

Q. Now, it's my understanding that the different architectures shouldn't matter.  SEPM itself is likely just a 32-bit app.  The product of course supports the different client architectures, but, having the same version of SEPM on a 32-bit server and a newer 64-bit server should be fine, correct?

--> SEPM version should be the same, OS platform doesn't matter.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

michaelreinders's picture

First roadblock...when trying to install SEPM 11.0.7200.1147 on Server 2012 R2, it is hard blocked.  Windows won't let it install.

Does this mean I have to go the route of disaster recovery?

Michael R.

Brɨan's picture

12.1.4 is the first version to support 2012 R2 so that's why.

Yes, you can do DR than.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Chetan Savade's picture

Hi Michael,

Disaster reocvery looks better option for me.

Install SEP 11 RU7 MP2 (11.0.7200.1147) on server 2012 R2, perform disaster recovery with SEP 11 RU7 MP2 on server 2012 R2.

Once all the clients connected with the SEPM, go ahead with an upgrade to SEP 12.1 RU4.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

michaelreinders's picture

Does anyone have any thoughts on this option?

  1. Upgrade ServerOld from 11.0.7200 to 12.1.4.
  2. Install 12.1.4 on ServerNew.
  3. Use Replication method to set ServerNew as partner.
  4. Transition primary from Old to New.
  5. After transition, remove ServerOld as partner, uninstall and decommission.

Thank you for your help.

Michael R.

P.S.  DR looks crazy involved and much hard than the above...

Brɨan's picture

Yea that's pretty much the steps to do replication. Pretty simple, just need to make sure you configure the MSL correctly so all clients point to the new SEPM. Once that's done, you can turn off the old SEPM.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Chetan Savade's picture

Hi,

This plan looks good if you continued with the replication.

Only make sure you have sufficient bandwidth to perform replication.

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

michaelreinders's picture

OK, roadblock #2!!!!! :)

When attempting the upgrade on ServerOld, I get this:

 Capture.JPG

The SQL database we're using with SEPM is on a SQL 2K5 SP2 cluster.  There are many databases on the cluster so upgrading the cluster to SP4 is not an option.

WEe do have a SQL Server 2008 R2 standalone server I'd like to 'migrate' the database to.  Is there a good document on how to do this?  Is this done solely in SQL Management Studio or is there a procedure within the SEPM console?

Thanks!

Michael R.

Chetan Savade's picture

Hi Michael,

You can refer this article:

Best Practices guide to moving the Symantec Endpoint Protection Manager SQL Server database from an existing SQL Server database to a new SQL Server database

http://www.symantec.com/docs/TECH167300

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

SOLUTION
michaelreinders's picture

OK.  Some progress.  I have successfully migrated the SEPM on ServerOld to another SQL database (SQL Server 2008 R2) and ran through the Management Server Config Wizard.  It is using the new database now and the console looks good.

During the upgrade on ServerOld to 12.1.4, it gets to a point during Copying Files, Moving Files and then rolls back and says the install was interrupted.

I have access to the SEPM_INST.log file that's about 28MB.  It's huge.  Is there something I can efficiently search for in the log file to find what happened?

Thanks!

Michael R.

Chetan Savade's picture

Hi,

Running the SymHelp tool to check for potential installation issues can often reveal the cause of the failure.

Also try to find 'return value 3' in the SEPM_inst.log.

Check 10-15 lines above return value 3 error.

As a try repair existing SEPM setup and then initiate the upgrade process.

Check this article as well: SEPM installation rolls back.

http://www.symantec.com/docs/TECH104408

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Chetan Savade's picture

Hi,

Is there any update?

OR

If issue has resolved, don't forget to mark your thread as 'SOLVED' with the answer that best helps you

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<