Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP 11 replication between embedded database and SQL Server database?

Created: 23 Apr 2010 • Updated: 02 Jul 2010 | 10 comments
This issue has been solved. See solution.

I am currently run SEP 11 MR5 with two management servers running the embedded database with replication and will be upgrading next week to SEP RU6. Recently I had some major issues with the embedded database and also corruption, which has lead me to considering moving one of the embedded databases to SQL. This instance of SQL will be on a remote server that is our production SQL 2005 Server. Is this possible to have replication when using two SEP management servers, with one running the embedded database and the other a remote SQL Server? If this is possible, what is the migration path?

Discussion Filed Under:

Comments 10 CommentsJump to latest comment

thomas_m's picture
You should be able to replicate between an embedded and SQL server. I've included a document below for moving to SQL from the embedded DB.
 
Title: 'Symantec Endpoint Protection Manager: Moving from the Sybase Embedded Database to Microsoft SQL Server'
Document ID: 2007092722095248
> Web URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007092722095248?Open&seg=ent

Symantec Technical Support Engineer, SEP, SAV for Linux<

Scott K.'s picture

Thanks for the information thomas_mashos.

From reviewing that document it looks pretty straight forward. I will start with upgrading to RU6 on my existing two SEPMs and then follow the following steps from the document:
1) Disable replication
2) Backup the SEPM server certificate
3) Backup the embedded database
4) Move the backup copy of the embedded database
6) I will have the existing SQL Server 2005 preconfigured as documented in the Installation Guide
7) Uninstall the Symantec Endpoint Protection Manager and embedded database
8) Reinstall the Symantec Endpoint Protection Manager configured to use a Microsoft SQL Server database
9) Restore the SEPM server certificate
10) Restore the backup copy of the database
11) Reconfigure the Symantec Endpoint Protection Manager database to recognize Microsoft SQL Server

At this point I assume that I can then reconfigure replication between SEPMs?

P_K_'s picture

Hi Scott

We can establish replication between  embedded database and SQL Server database , for that we don't need to move to SQL
the replication will be straight forwrad.

Install the Second site and selcect it as a Replication partner and then in database select SQL.

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/a04eda251f467978652574c6007a8deb?OpenDocument
How to install the Symantec Endpoint Protection Manager(s) for replication

https://www-secure.symantec.com/connect/forums/sql-server-replication-best-practice

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

SOLUTION
mon_raralio's picture

Can we do that on multiple servers? Like 2 servers both replicating on the same third server?

“Your most unhappy customers are your greatest source of learning.”

P_K_'s picture

Yes that is possible
Say we have server A, B, C

A will Replicate to B
A will also replicate with C

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

Ramji Iyyer's picture

Yes !!!!!! You can do that on multiple servers? Like 2 servers both replicating on the same third server?

Regards...
Ramji Iyyer

Regards...
Ramji Iyyer

mon_raralio's picture

We're planning on changing the server roles from 2 primary each having a backup (4 servers total) to 3 primary/replication and 1 for the reporting and monitoring only.

“Your most unhappy customers are your greatest source of learning.”

Scott K.'s picture

Thanks Prachand, your suggestions will make this easier for my situation. Since Windows 2008 R2 is now supported, I want to try this for one the management servers. What I will do after upgrading to RU6, is install a third management server. It appears that I will need to create a third site by following the Knowledge Base article that Prachand referenced, called “How to install the Symantec Endpoint Protection Manager(s) for replication.” During install of this third management server, I will choose Microsoft SQL Server as the database, which I will setup ahead of time on our productions database.

If I like this new management server using SQL server, what is the best way to eliminate one of the original two management servers along with its site? Or is there a better to install this third management server in a different way (e.g. additional server in one of the existing sites and then migrate to a SQL database)?

Also is there a way to designate only of the servers for generating and emailing reports instead of each one?

Vikram Kumar-SAV to SEP's picture

Only Server will be the Base/Main Management server that is the SEPM installed first..After installed 3rd SEPM once you move the clients accordingly you can remove 2nd SEPM.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

Ghent's picture

Yes, the server replication and database setup is somewhat flexible. Just be careful what happens to clients when you remove, (or change the IP address of) a SEPM server.
Make sure you have your certificate backups is very important. Before removing a server, make sure all the clients are communicating with a different server.

Before you completely uninstall or powerdown the old server, you can simply remove it's replication connection. That way the old server will no longer be an active part of the server replication process, but it will still be online to redirect any clients who might reconnect to the new server at a later time (say, a worker was on vacation so their computer was powered down for 2 weeks).

Just so you are aware, server can also be installed in a "Site Partner" relation. This means you can have mulitple SEPM servers sharing the same SQL database. This is not a bad option if you have 2 servers in the same physical location and you want one server to be a reporting server -- they can also act as fail/overs for eachother.