Endpoint Protection

 View Only
  • 1.  Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 06:42 PM

    I have a long running SEPM 11.0.5002.333 running on a Win 2003 server. I want to move SEPM to a new Win2008R2 server and after moving it upgrade it to 12.1.2. I have followed the procedure for replication shown here: http://www.symantec.com/business/support/index?page=content&id=TECH104389

    When I start SEPM on machine 2 it displays the client list OK, but the icon for most clients has a red arrow. What does the red arrow mean? The red arrow only appears on machine 2, not machine 1.

    I've gone through all steps down to step 14 that says, "Stop the "Symantec Endpoint Protection Manager" and "Symantec Embedded Database" service on MACHINE_1 to verify whether all clients now report to the new SEPM on MACHINE_2"

    How do I verify clients now report to the new SEPM on the new machine 2? What should I do/test after I have stopped SEPM and database in the above step?

    When I do reports on the new machine 2, no data is displayed on some, other reports flash IE a couple of times an produce nothing. Is there a problem installing 11.0.5002.333 on Win2008R2? I already have "Enhanced IE security" disabled on the Win2008R2.

    To summarize, even though I have done all the steps to replicate, and it says last replication succeeded. I don't get any hint that any clients are reporting to the new machine 2 even though it is set to priority 1 and the old server is set to priority 2.

     

     

     



  • 2.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 06:52 PM

    If you open the SEP GUI on a client and go to Help > >Troubleshooting, it will show what server it is connected to.

    Have a screenshot for the red arrow?



  • 3.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 07:01 PM
      |   view attached

    Attached is a screen shot of clients in SEPM showing that red arrow in client icon.



  • 4.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 07:08 PM

    That icon means the client is online and communicating with the SEPM at the other site. Replication is working so you should be good.

    Here is the KB article for reference on what the various icons in the SEPM mean:

    SEPM client status Icons

    Article:TECH106286  |  Created: 2008-01-16  |  Updated: 2009-01-11  |  Article URL http://www.symantec.com/docs/TECH106286

     



  • 5.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 07:25 PM

    But why isn't the client with the red arrow communicating with the new SEPM on server 2? The new server has been priority 1 for 48 hours, and the other site is priority 2.

    So I should just stop SEPM and database service on the old machine and these clients will then communicate with the priority 1 machine?



  • 6.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 07:56 PM

    You're certain the new MSL is applied to group with these clients in them? You can do that to see if they will talk to the other SEPM.



  • 7.  RE: Replicated SEPM to Win2008R2 in prep for moving SEPM

    Posted Apr 03, 2013 08:05 PM

    Yep I've done the "Apply" step twice and checked it. It shows all the groups with the correct live green circle with a white checkmark, indicating it's applied.

    When I added the new MSL I did not delete the old two that were already there. Instructions didn't say that.

    Tomorrow morning I'll shut down SEPM and database on the old server 1 and see what happens.