Endpoint Protection

  • 1.  SEPM disaster Recovery

    Posted Dec 22, 2014 12:19 PM

    Hello All, I have a requirement and would appreciate it if you can share your kind comments and suggestions on this.

    I have read the following statement: "

    In case you don't have a backup then check this note:

    You can perform a disaster recovery without a database backup, but the following points apply in this case:

    All policies must be re-created, or imported from other backups i.e. exported policy files.
    Clients will be able to communicate with the SEPM but will re-appear in the console only after their next check-in.

    Clients will reappear in the default group as they check in, unless you enable automatic creation of client groups on the re-installed SEPM by editing "scm.agent.groupcreation=true" to the conf.properties file."

    I was running SEPM 12.1 RU2 supporting about 600 managed endpoints and have its Server Private Key Backup, but unfortunately don't have the backup to restore, so regarding performing DR I have two questions:

    1. Can I install a new SEPM 12.1.5 and then restore this Server Private Key Backup taken from SEPM 12.1 RU2 on SEPM 12.1.5, and will endpoints start reporting to it right away and pick up this Server Private Key Backup?

    2. If scenario 1 is not supported/compatible, then I would need to install the same SEPM 12.1 RU2 and restore the Server Private Key Backup. In this scenario, if I enable "scm.agent.groupcreation=true", then as the clients check in, will the corresponding groups be automatically created for them in the new DB, and will they reside in them?

    For example, if previously I had two groups, i.e. GROUP-A and GROUP-B, where alice, bob and chuck were part of GROUP-A and Daniel was part of GROUP-B, then when I enable this "scm.agent.groupcreation=true", as clients check back in to the new DB, will the same groups be automatically created for them?

    I am going to check anyway whether it works or not. Do share your suggestions and thoughts on this.

    Regards,



  • 2.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 12:25 PM

    Yea should work fine but you're basically starting fresh aside from the fact that you don't have to re-connect the clients.



  • 3.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 12:30 PM

    Thanks for your reply. Brian, the agent will already be running on the client. So what you are saying is that if I enable this setting, then as the communication is restored and clients check in, the groups will be automatically created in the new DB and clients will reside in their corresponding groups (as in the previous DB)?

    Secondly, will the RU2 server private key backup file work with 12.1.5? Regards



  • 4.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 12:43 PM

    Did you already re-create the groups? If so then yea enabling will put them back into their respective groups.

    You can use 12.1.5, it won't affect anything on the client end and the private key will work.



  • 5.  RE: SEPM disaster Recovery

    Broadcom Employee
    Posted Dec 22, 2014 12:52 PM

    Yes, the groups get created and the client will be reporting to that group.

    Though I haven't checked, I do not see a reason the RU2 server certificate should not work with RU5.



  • 6.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 12:57 PM

    Brian, no, I have not created the groups. I have simply enabled the settings.



  • 7.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 12:59 PM

    Thanks Pete for your reply. What you are saying is that once I enable this setting in the http.conf, then as the clients check back in to the new SEPM, the groups will be automatically created for them and they will reside in their corresponding groups automatically (as they were in the previous DB)?

     



  • 8.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 01:01 PM

    Well once you import, the groups get created, clients check in to their groups.
     



  • 9.  RE: SEPM disaster Recovery

    Posted Dec 22, 2014 01:03 PM

    On the client, under the smc registry key, there is a preferred group value. Once you have changed the conf.properties file, the client would create the corresponding group in SEPM, if that group does not exist.

    How the client has access to the DB and creates the group, and using what account, I'm not sure.



  • 10.  RE: SEPM disaster Recovery

    Broadcom Employee
    Posted Dec 22, 2014 10:08 PM

    The changes have to be made in conf.properties.

    By following the steps of disaster recovery without the DB, the client, when it communicates with the new server, will create a group.

    You can test by setting up a simulation to confirm this.