Loading...

Knowledge Center


Recommended procedure for migrating or moving the ePO 4.0 server to a new system
Technical Articles ID:  KB51438
Last Modified:  6/25/2014
Rated:


Environment

McAfee ePolicy Orchestrator 4.0

 

Summary

IMPORTANT: This information is intended for use by network and ePO administrators only. McAfee does not assume responsibility for any damages incurred, because they are intended as guidelines for disaster recovery. All liability for use of the following information remains with the user.
 
The instructions in this article can also be used by customers who want to migrate the ePolicy Orchestrator (ePO) server to another system.

These instructions are only for use with ePO 4.0 servers. For information migrating or moving the ePO 4.5 server to a new system, see KB66616 - ePO 4.5 server backup and disaster recovery procedure.

 
SQL Server Hardware Failure
Contact OEM for replacement of affected hardware.
 
 
SQL Server Database Failure
Contact Microsoft for procedures on restoring SQL databases.

For the ePO database specifically, refer to procedures for backing up and restoring an ePO database:

KB59562 - How to back up the ePO databases using OSQL commands
KB52126 - How to back up and restore the ePO database using Enterprise Manager/ Management Studio


ePO Server Hardware Failure

Contact OEM for replacement of affected hardware.
 

ePO Server Software Failure
The following data must be backed up to restore ePO to its original state in case of a failure.
 
 
Step 1 - Backups.

Backup the ePO database:
Back up the ePO database using the procedures outlined in:
 
KB59562 - How to back up the ePO databases using OSQL commands 
KB52126 - How to back up and restore the ePO database using Enterprise Manager/ Management Studio

For information on shrinking the SQL Transaction log prior to backing up the database, s
ee KB59204  - How to shrink the SQL Transaction Log (using Microsoft articles).
Backup the following folders:
...\Program Files\McAfee\ePolicy Orchestrator\DB\ (default installation path for ePO 4.0)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Extensions\ (default installation path for software extensions)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Conf\Catalina\ (default path for required files used by software extensions)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Keystore\ (default path for server certificates)
Backup the Key-Store Pairs:
This backs up the repository and agent communication keys. By default, these are stored in: ...\Program Files\McAfee\ePolicy Orchestrator\DB\Keystore\
  1. Log on to the ePO console with an Admin account.
  2. Click the Configuration, Server Settings tabs.
  3. In the left pane, select the Security Keys.
  4. In the right pane, click Edit.
  5. In the Import and back up keys section, click Back UP All, then click Save.(Specified file = keystore.zip).
  6. Click Save to close the Edit Security Keys window.
 
Step 2 - To restore the ePO server to a new system after a server crash:
  1. Set up a new ePO 4.0 server on another system with the same IP address and Hostname, using the previously specified default Admin password. 

    IMPORTANT:
    - You must reinstall ePO to the exact same directory path as the previous installation, otherwise initialization of extensions will fail when the restore is complete.
    -
    If the same IP address and Hostname are not used on the new server, all agents that report to the server must be re-pushed to replace the local copies of SiteList.xml.

     
  2. Use the same port numbers that were used during the original installation.
    The server.ini file located in the previous installation (c:\Program Files\McAfee\ePolicy Orchestrator\DB) stores this information as follows by default:
    HTTPPort= 80 (Agent-to-Server communication port)
    AgentHttpPort= 8081 (Agent Wake-Up communication port)
    SecureHttpPort= 8443 (Console-to-Application Server communication port)
    BroadcastPort= 8082 (Agent Broadcast communication port)
  3. When installing ePO 4.0, use the original SQL server or a new SQL Server where the SQL backup can be restored. Use the same Authentication type for database connection credentials. For example NT or SQL Authentication.

    See step 8 for information on restoring the database.

    NOTE: If you use the original SQL server, the installer tries to create a database named ePO4_<epo_servername>. Because the name of the original ePO server is retained, the original database has to be backed up and detached. Otherwise, the installer prompts you to overwrite the existing database.
     
  4. After installing ePO 4.0, apply all Patches and Hotfixes that were installed on the original ePO server. 

    - If you are using Policy Auditor 5.x, reinstall the same version and apply the same Hotfixes that were originally installed. 
    - If you are using McAfee NAC 3.x, reinstall the same version and apply the same Hotfixes that were originally installed. 
     
  5. Log on to the new ePO 4.0 server.
  6. On the new ePO 4.0 server, click Start, Run, type services.msc, and click OK.
  7. Right-click each of the following services and select Stop:
    McAfee ePolicy Orchestrator 4.0.0 Application Server
    McAfee ePolicy Orchestrator 4.0.0 Event Parser
    McAfee ePolicy Orchestrator 4.0.0 Server 
  8. Restore the backed up copy of the ePO database.
    For information, see: KB52126 - How to back up and restore the ePO database using Enterprise Manager/ Management Studio
     
  9. Restore the contents of the following backed up folders to their original locations:
    ...\Program Files\McAfee\ePolicy Orchestrator\DB
    ...\Program Files\McAfee\ePolicy Orchestrator\Server\Extensions
    ...\Program Files\McAfee\ePolicy Orchestrator\Server\Conf\Catalina
    ...\Program Files\McAfee\ePolicy Orchestrator\Server\Keystore
    Replace the existing folders for the paths listed above with the contents of the backed up copies.
     
  10. On the new ePO 4.0 server, click Start, Run, type services.msc, and click OK.
  11. Right-click each of the following services and select Start:
    McAfee ePolicy Orchestrator 4.0.0 Application Server
    McAfee ePolicy Orchestrator 4.0.0 Event Parser
    McAfee ePolicy Orchestrator 4.0.0 Server 
  12. Click Start, Run, type IExplore.exe, and click OK.
  13. To open the Configure Database Settings page, go to: https://<servername>:8443/core/config
    If you do not use the default port (8443), substitute your correct console login port.
     
  14. Under Configure Database Settings, verify the following entries:
    Database server name
    Database server instance
    Database server port
    Database name
    User name
    User domain
    User password
    If you make any changes to these entries, ensure that you click Test Connection (bottom right corner) to verify the connection to the database is successful with the new settings before continuing.
     
  15. If any changes are made on the Configure Database Settings page, do the following:
     
    1. Click Apply (to save the changes).
    2. Restart the ePO 4.0 services.
       
  16. Log on to the ePO 4.0 console.
  17. Deploy the ePO agent only to the ePO server.
    This replaces the new agent keys on the ePO server with the restored ones from the previous installation. All other existing agents on the network will retain the proper keys and will not need to re-deployed.
 
Step 3 - Restoring the Previous Key Pairs
  1. Log on to the ePO console with the original username and password from the old ePO server (refer to the product guide for information on logging on to the ePO console). 
  2. Click the Configuration, Server Settings tabs.
  3. In the left-hand pane, select the Security Keys.
  4. In the right-hand pane, click Edit.
  5. In the Import and back up keys section, click Restore All.
  6. Click Browse and navigate to the keystore.zip, then click Open.
  7. Click Next, Restore.
  8. Click Save to close the Edit Security keys Window.

Previous Document ID

613867

Rate this document

Did this article resolve your issue?

Please provide any comments below

Affected Products


Best Practices

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.