Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Migrating a PolicyServer Application Server to a new host or network

    • Updated:
    • 1 Apr 2014
    • Product/Version:
    • Endpoint Encryption 3.1 PolicyServer
    • Endpoint Encryption 5.0
    • Platform:
    • Windows 2003 Enterprise
Summary
You want to migrate the PolicyServer Application Server due to any of the following reasons:
  • Move a single server application to a distributed installation with roles separated by server type.
  • Replace or upgrade the current application server hardware platform.
  • Migrate the application server to a different physical or logical network.
  • Migrate the application from physical to virtual hardware.
Details
Public
Requirements to migrate:
  • Existing PolicyServer
  • SQL Server database available from source and destination application servers
  • Source and destination application servers available from existing Endpoint Encryption clients
  • Control of applicable DNS zones
To prepare Endpoint Encryption for migration:
  1. Adjust the following policies to avoid interruption of client operations:
    • MobileSentinel > Common > Compliance > Synchronization Timeout (5 is the recommended value)
    • MobileSentinel > PC > MobileSentinelSyncInterval (1440 is the recommended value)
    • Full Disk Encryption > Common > Login > AccountLockoutPeriod (180 is the recommended value)
  2. Make sure that the clients received the new settings.
To migrate the PolicyServer:
  1. Back up the Endpoint Encryption databases.
  2. Build a new Application Server.
  3. Install the PolicyServerInstaller.exe file on the target application server, using the same settings as the existing PolicyServer.
  4. Create a DNS alias for the source server FQDN referencing the target server FQDN.
  5. Disable PolicyServer Windows Service on the source server.
  6. Migrate existing clients to use the target URI.
To verify the migration:
  1. Use the PolicyServer MMC Snap-in to connect to the target PolicyServer identified by its FQDN.
  2. Use the PolicyServer MMC Snap-in to connect to the target PolicyServer identified by the source PolicyServer alias.
  3. Install a new Endpoint Encryption client application on the target PolicyServer identified by its FQDN.
  4. Ensure that the existing clients have pre-boot connectivity. The clients must be able to log in and sync policies.
Premium
Internal
Rating:
Category:
Configure; Deploy; Install; Upgrade; Migrate
Solution Id:
1059690
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.