From chapter 12 of Sentinel Install Guide 220.127.116.11
Uninstalling the Software
Uninstalling Sentinel, Agent Manager and Advisor
Uninstall for Solaris
Starting the Sentinel uninstaller for Solaris
NOTE:On Solaris, after uninstalling Sentinel Server, you will need to manually remove the user esecadm from the OS, if desired.
Uninstall for Windows
Using the Sentinel Windows Uninstaller
1.Login as an Administrator.
2.Stop the Sentinel Server.
3.Select âStart->Program Files->e-Security->Uninstall e-Security 5.xâ
Follow the screen prompts. Select which applications to uninstall:
·Communication Server (message bus)
·Base Sentinel Services
·Agent Service (Agent Manager)
·Sentinel Database Manager (SDM)
·HP OpenView Service Desk
Uninstalling Using Control Panel
To uninstall e-Security Windows applications
1.Click Start > Programs > Settings > Control Panel > Add/Remove Programs
2.Click e-Security 5.x.
3.Follow the prompts. It will prompt you select which application to uninstall. Select which applications you wish to uninstall.
Uninstall leaves a few files on the machine, you will have to manually delete the files after uninstalling Sentinel 5. You may have to delete the $ESEC_HOME or %ESEC_HOME% directory and all sub-directories. For Advisor, you may want to delete your attack and alert folders used for your Advisor data files.
Some files that are left behind are:
·Sentinel log files
·Wizard log files
·DAS log files
·Agent Manager log files
Sometimes after un-installation, system settings remain. Go to Appendix A for procedures on how to manually remove remaining system settings.
Appendix Aâ Manual Cleanup of Previous Installations
When performing a clean installation of e-Security, it is HIGHLY recommended that you perform all of the following steps to make sure there are no files or system settings remaining from a previous installation of e-Security that could cause the new clean installation to fail. Perform the following steps for every machine you are performing a clean installation on BEFORE executing the installer.
Manual Cleanup of e-Security on Solaris1.Login as root.2.Make sure that all e-Security processes are not running.3.Remove contents of /opt/esecurityXX (or wherever the e-Security software was installed)4.Remove the following files in the /etc/rc3.d directory:
5.Remove the following files in the /etc/rc0.d directory:
6.Remove the following files in the /etc/init.d directory:
7.Remove the following files from /usr/local/bin:
8.Clean up installshield references in /var/sadm/pkg. Remove the following files from the /var/sadm/pkg directory:
§All files that begin with IS (IS* on the command line)
§All files that begin with ES (ES* on the command line)
§All files that begin with MISCwp (MISCwp* on the command line)
9.Remove the esecadm user (and home dir) and esec group (make sure no one is logged in as the esecadm user before performing this step)
§Run: userdel -r esecadm
§Run: groupdel esec
10.Remove Installshield section of /etc/profile, /etc/.login
11.Remove the /InstallShield directory, if one exists.
12.Remove the e-Security Oracle database by following the instructions in the section "Manual Cleanup of e-Security Oracle database on Solarisâ.
13.Restart the operating system.
Manual Cleanup of e-Security Oracle database on Solaris
- As oracle user, stop Oracle Listener:
- Run: lsnrctl stop
- Stop e-Security database:
- Change to the Oracle user
- Set the ORACLE_SID environment variable to the name of your eâSecurity database instance (usually ESEC).
- Run: sqlplus '/ as sysdba'
- At sqlplus prompt, run: shutdown immediate
- Remove entry for e-Security database in the file /var/opt/oracle/oratab
- Remove init
.ora (usually initESEC.ora) file from the directory $ORACLE_HOME/dbs.
- Remove entries for your e-Security database from the following files in the $ORACLE_HOME/network/admin directory:
- Delete the database data files from the location you chose to install them.
Manual Cleanup of e-Security on Windows
- Delete the folder C:\Program Files\Common Files\InstallShield\Universal and all of its contents.
- Delete the old e-Security installation folder (e.g.- C:\Program Files\esecurity5.0).
- Delete the following environment variables (if they exist) by right-clicking on My Computer, selecting the Properties, clicking on the Advanced tab, then clicking on the Environment Variables button:
- Remove any entries in the Path environment variable that point to a previous installation.
CAUTION:Be careful to only remove paths to old e-Security installations. Removing other entries in the Path can result in your system not functioning properly.
- Delete all e-Security shortcuts from the Desktop.
- Delete the shortcut folder Start > Programs > e-Security from the Start menu.
- Remove the e-Security Microsoft SQL Server database by following the instructions in the section "Manual Cleanup of e-Security Microsoft SQL Server database on Windowsâ.
- Restart the operating system.
Manual Cleanup of e-Security Microsoft SQL Server database on Windows
- Open Microsoft SQL Server Enterprise Manager and connect to the SQL Server instance where youâve installed your e-Security database.
- Expand the Database tree and locate your e-Security database.
- For each of the ESEC and ESEC_WF databases (or whatever name you gave your database during installation), right-click on the database and select"Deleteâ.
- When prompted, select "Yesâ to delete the database.