SEPM server replication issues
I have 4 geographical sites. Each site has a SEP management server. Although I recently upgraded from 11.0.7 to 12.1.2 the issue I will describe below was present before the upgrade. I also did remove replication prior to the upgrade as indicated in the upgrade information and then recreated the replication.
First a question though, should I have replication in a hub and spoke configuration or a mesh configuration? I had it in a mesh (all servers replicate with all servers) before the upgrade but currently I have it in a hub and spoke configuration.
But the issue I am having is that each server indicates a different number of endpoints and each server has its own ideas about which groups contain particular managed machines. Each site has 2 groups, one for servers and one for workstation. Generally they concur about what machines are where and each management server tends to be about 95% accurate about the machines in it’s own site, but when I look on the other servers they disagree with each other.
For example let’s say that I have management servers A, B, C, and D for corresponding Sites A, B, C, and D. Management Server A will correctly show Client 1 in the workstation group for Site A. But when I look on Server B that client may be in another group or missing altogether. When I go look on Server C that client may be in yet a third location or missing. And Server D may agree with any of the previous 3 or have its own idea as well.
Generally speaking I think they tend to agree most of the time but somehow I can’t get them to all agree all of the time. No matter how much I have gone into each Management Server and straightened out what exists in terms of putting everything in the right group, they wind up getting scrambled again later.
Comments 8 Comments • Jump to latest comment
How often are they set to replicate?
SEP Knowledge Base
Endpoint SWAT
once the replication is successful, the client should be reporting to the replication partner SEPM.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
I left it at auto when I configured replication. Replication is working. I can do it manually and it takes a while and then reports successful.
And they still show differently even after replication?
SEP Knowledge Base
Endpoint SWAT
Actually no. I had not gone around and tried forcing replication on all of them since the upgrade which I just finished yesterday but I had done that in the past with the old version. Just now however I initiated replication at each spoke and when that finished I initiated again with each site from the hub. Now they all agree as to what machine is in which group for the first time in a long while so that's great.
It looks like either the hub and spoke configuration helped or this new version handles replication better. But I wonder why I had to do it manually. When I added the last two replication partners yesterday at the hub it replicated a bunch of info, or appeared to. I had created a new policy at the hub and was waiting for it at each spoke before assigning the new package to the clients and that policy replicated yesterday. Anyway, glad that looks to be fixed, hopefully I won't see machines getting moved back the way I used to.
However at the home tab they all still disagree about how many endpoints I have. I do see where there is an asterisk next to total endpoints and it says "endpoints can be counted in more than one category" but as far as I can tell this number was being used before the replication to complain that I had used too many license seats, a problem which I knew was not true, and after replication appears to have gone away.
I'm also assuming you have the replication schedules setup differently for each one? Possibly a few hours apart? if so, I would expect this kind of behviour. At least this is how one of my environments is setup and reacts the same way. Once a replication is forced on all of them, they show the same numbers across the board.
SEP Knowledge Base
Endpoint SWAT
Well like I said I left it at the default which is "auto" so I have no idea how often it happens by itself. I may well go to scheduled replication though. I did some more experimenting with moving machines and then forcing replication. It looks like the hub and spoke configuration is ideal for that. If I make the changed on the hub and force replication then they all agree. I wonder if my machines getting scrambled was related to the mesh replication I had before the upgrade.
One anomoly I discovered though, the "Delete clients that have not connected for a specified time" setting in the domain properties of the admin tab was set to 0 which it was not before the upgrade. I think it was probably 30 before the upgrade which is what I set it back to. After replication one of my groups was reduced to a single page of machines when it had been two before which is what had me go look. It looks like I lost 10 or 15 laptops from my list. I hope they repopulate when they show up on the network.
they'll be back at next heartbeat..
Scheduled is always better than auto for big replications or bit complex setups.
Auto does a replication whenever there is a change..
Vikram Kumar
Symantec Consultant
The most helpful part of entire Symantec connect is the Search button..do use it.
Would you like to reply?
Login or Register to post your comment.