How do I decommission an old central computer and bring up a new one to replace it? (NETIQKB51306)

  • Document ID:7751306
  • Creation Date:02-Feb-2007
  • Modified Date:14-Sep-2007
    • Micro Focus Products:
      Security Manager

Resolution

goal
How do I decommission an old central computer and bring up a new one to replace it?

goal
How do I permanently take a central computer offline?

goal
How do I uninstall a single central computer?

goal
Our current central computer hardware is going off lease and we need to bring up a new central computer to replace it.

fact
Security Manager 5.00

fact
Security Manager 5.1

fact
Security Manager 5.5

fix

NOTE:  If you are just moving the central computer to new hardware with the same name and domain as the old one, then follow the directions in the note below "To move the central computer to new hardware keeping the same name and domain as the old one"

1. Install a new central computer to replace the old central computer:

  1. Verify prerequisite software is installed on new central computer by using the Verify Prerequisites tool in the installation kit.
  2. Install the same version of Security Manager (including hotfixes and service packs) on the new central computer.
  3. Confirm that the NetIQ Security Manager (OnePoint for version 5.0) service is running under the same service account and not local system.

2. Prepare for change over to the new central computer:

Note:

  • Perform Step 2. Prepare for change over to the new central computer, and Step 3 Configure the new central computer, on the same day.
  • Security Manager version 5.5 and later no longer uses the manualmc.txt file or managed computer rules.  If you are using Security Manager version 5.5 or later, skip to step 3.
  1. If you are using Security Manager version 5.0 or 5.1, copy the manualmc.txt file from the \Program Files\NetIQ Security Manager\OnePoint (\Program Files\MCS OnePoint\OnePoint for version 5.0) folder to a network location. If it does not exist, in the Monitor Console expand Monitor Console > Monitor > Infrastructure Components > Agents. Right click the right pane and click Export List. This list can then be used to create a manualmc.txt file for the new central computer. The standard format for this file is one computer per line. If the domain is the same, only the computer needs to be listed. If the domain differs from that of the central computer then the computer needs to be listed in the domain\computer format.
  2. If you are using Security Manager version 5.0 or 5.1, Delete the manualmc.txt file on this central computer. Make note of any managed computer rules and then delete them all from this central computer. You can delete the rules in the Monitor Console by expanding Configuration >  Central Computers. Right-click the central computer and click Modify Managed Computer Rules.
  3. Copy any Forensic Analysis queries from the \Program Files\NetIQ Security Manager\OnePoint\VSOC\Config\ForensicQueries (\Program Files\MCS OnePoint\OnePoint\VSOC\Config\ForensicQueries for version 5.0) folder to a network location.
  4. Copy the customdata.xml file from the \Program Files\NetIQ Security Manager\OnePoint\VSOC\Config (\Program Files\MCS OnePoint\OnePoint\VSOC\Config for version 5.0) folder to a network location.
  5. Determine what version of SQL Server Analysis Services is installed by opening Analysis Services and right clicking the Analysis Services folder. Click About Analysis Services and determine the version installed by checking the following Microsoft KB article:

    http://support.microsoft.com/default.aspx/kb/321185/en-us
  6. If you have the Trend Analysis server installed on this central computer, start Microsoft SQL Analysis Manager. Expand and right-click the LogManagerTrend database, and the click Archive Database. Save this backup to a network location. This step should be done the same day as changing the Trend Analysis server to the new central computer.

3. Configure the new central computer:

  1. If the old central.
    computer is being used as a Trend Analysis server, then install on the new central computer the same version of SQL Analysis Services, including the same version of the service packs, as what was installed on the old central computer.
  2. Confirm that the MSSQLServerOLAP service is running under the NetIQ Security Manager service account with the following naming convention: Domain\Username, and not local system or in the fqn convention (Username@domain.com).
  3. If you are using Security Manager version 5.5 or later, use the Agent Administrator to reassign agents to the new central computer. If you are using Security Manager version 5.1 or earlier, copy the manualmc.txt file from the network location to the \Program Files\NetIQ Security Manager\OnePoint (\Program Files\MCS OnePoint\OnePoint for version 5.0) folder on the new central computer.  If there were any managed computer rules, re-create them on the the new central computer.
  4. Copy any Forensic Analysis queries from the network location to the \Program Files\NetIQ Security Manager\OnePoint\VSOC\Config\ForensicQueries (\Program Files\MCS OnePoint\OnePoint\VSOC\Config\ForensicQueries for version 5.0) folder on the new central computer.
  5. Copy the customdata.xml file from the network location to the \Program Files\NetIQ Security Manager\OnePoint\VSOC\Config (\Program Files\MCS OnePoint\OnePoint\VSOC\Config for version 5.0) folder on the new central computer.
  6. Open the Monitor Console and expand Configuration. Right-click Central Computers and click Scan All Managed Computers. Refresh the right pane until the Status returns to Idle. All agents should appear in the Monitor > Infrastructure Components > Agents view with the new central computer listed in the Central Computer column. This might take up to 15 minutes.
  7. In the Monitor Console, expand Configuration > Global Settings, right-click Log Manager, and then click Properties. On the Trend Analysis Server tab click  the new central computer.
  8. Open Microsoft SQL Analysis Manager on the new central computer and verify that the LogManagerTrend database exists under databases.  When you configured this central computer to be the Trend Analysis server, Security Manager creates an empty database.  Right-click the server name, click Restore Database, and then browse to the LogManagerTrend.cab file on the network location where you archived it.
  9. In the Monitor Console, expand Configuration >  Global Settings, and then click Correlation Server. Remove the old central computer from the Correlation Servers list and add the new central computer. Right-click Configuration and click Force Configuration Changes Now.

4. Remove the old central computer:

  1. While testing the new central computer, shut down the old central computer but do not decommission it.
  2. Confirm that all agents are communicating with the new central computer in the Monitor Console in the Infrastructure Components > Agents view.
  3. On the following day, confirm that no errors occurred in the Monitor Console in the Security Views >  Security Manager Self-monitoring views or in the \Program Files\NetIQ Security Manager\OnePoint\log\LogManager.log file.
  4. If the system is operating properly, bring up the old central computer and remove the NetIQ Security Manager software using Add/Remove Programs in the Control Panel.
.


note

To move the central computer to new hardware keeping the same name and domain as the old one:

The order of the above steps will change.  Perform the steps in the following order:

2. Prepare for change over to the new central computer

4. Remove the old central computer - DO NOT uninstall the central computer, just remove the server from the network for now until the new central computer is up and running without problems.  Once the new server is up and running, then you can simply format the old server and decommission it.

1. Install a new central computer to replace the old central computer - make sure the name and domain are the same as the old central computer and that DNS can resolve to whatever IP address is being used.  You will want to perform a central computer only install on this new server.

3. Configure the new central computer - for SM 5.5, skip step 3.  For all versions, skip step 7 and 9.  In step 8, the LogManagerTrend database won't exist, but that is ok.  When you restore it from the backup it will be created.



Additional Information

Formerly known as NETIQKB51306