How do I move the Security Manager 6.0 databases to a new server? (NETIQKB70993)

  • 7770993
  • 19-Mar-2008
  • 02-Apr-2008

Environment

Security Manager 6.0

Situation

How do I move the Security Manager 6.0 databases to a new server?

How do I move the OnePoint database to a new server?

How do I change the database computer?

Resolution

NOTE:  If you are moving the databases to a new SQL server with the same name, please see the notes below under Additional Information.

To move the OnePoint, LogManagerSummary (on upgraded environment to 6.0), LogManagerConfiguration, and SecurityManagerCommon databases to a new database server:

Note: The new SQL database server must be in the same domain as the central computers. The following steps presume you already have a SQL server installed that meets Security Manager requirements. For more information about requirements, see the Installation Guide for Security Manager.

1. Close all open Security Manager user interfaces and stop the NetIQ Security and NetIQ Security Manager Core service on all central computers.

2. Detach OnePoint, LogManagerSummary (on upgraded environment to 6.0), LogManagerConfiguration, and SecurityManagerCommon databases using Microsoft SQL Server Management Studio by completing the following steps:

a. Connect to the Database Engine using the appropriate credentials and expand Databases.

b. Right-click the OnePoint database, and then click Tasks >Detach. Select Drop Connections and Update Statistics and then click OK.

c. Repeat Step b to detach the LogManagerSummary (on upgraded environment to 6.0), LogManagerConfiguration, and SecurityManagerCommon databases.

Note: You can also use New Query and run the
sp_detach stored procedure to do this task.

3. Move or copy the data (*. mdf ) and transaction log (*. ldf ) files for these databases to the new SQL server in the same drive and folder. (Note: This doesn't have to be the same path, but makes attaching the databases easier)

4. Attach the OnePoint, LogManagerSummary (on upgraded environment to 6.0), LogManagerConfiguration, and SecurityManagerCommon databases using Microsoft SQL Server Management Studio on the new server by completing the following steps:

a. Connect to the Database Engine using the appropriate credentials.

b. Right click Databases, and then click Attach. Make sure to enter the correct path to the data (
EeaData.mdf ) and transaction log ( EeaLog.ldf ) files and choose the service account as the owner of the database.  If the service account doesn't show up in the drop down list, you will need to add the account under the Security | Logins page.

c. Repeat Step b to attach the LogManagerSummary, LogManagerConfiguration, and SecurityManagerCommon databases.

Note: You can also use a New Query and run
sp_attach stored procedure to do this task.

Note:  The following steps should be completed in one continuous process and in order. There should not be any delays in executing the steps. Proper preparations should be made ahead of time to have all account, passwords, data paths and software available.

5. Update the Configuration and Component tables in the OnePoint database on the new SQL server by completing the following steps:
 
a. Open Microsoft SQL Server Management Studio, and then expand the Databases >  OnePoint >  Tables.

b. Right click the Configuration table, and click Open table.

c. Edit the DataValue column entry where the DataName column =
AlertURLBase with the new SQL Server name. For example:

old server=HTSSM1 and old value is: PropertySheet.asp?database=HTSSM1&target=%1&t=alert
new server=HOUSM5, change to the following: PropertySheet.asp?database=HOUSM5&target=%1&t=alert

d. Edit the DataValue column entry where the DataName column =
EventURLBase with new SQL Server name. For example:

old server=HTSSM1 and old value is:
PropertySheet.asp?database=HTSSM1&target=%1&t=event
new server=HOUSM5, change to the following:
PropertySheet.asp?database=HOUSM5&target=%1&t=event

e. Close the Configuration table.

f. Right click the Component table, and click Open table.

g. Edit the Version column entry where Name =
Database Version for the version of Security Manager you have installed from 6.00.0.194 to 6.00.0.193.

h. Close the Component table and open the Configuration and Component tables again to make sure these changes were saved.

6. Update the following registry entries on the all central computers. You can update the registry using the Registry Editor. Please see the warning at the end of this article about editing the registry.

HKLM|Software|NetIQ|Security Manager|DASServer|DataSource = New database server name
HKLM|Software|NetIQ|Security Manager|Configurations|Default|MCSApplications|Operations GUI|Databases|Default = New database server name

In the same place, if it exists, rename the old server name string value in the right pane to ?New database server name? and change its data value to ?New database server name?

HKLM|Software|NetIQ|Security Manager|Configurations|<Configuration Group name >|Operations|Databases = New database server name
HKLM|Software|NetIQ|Security Manager|Databases - rename the 'Old database server name' key to 'New database server name'
HKLM|Software|ODBC|ODBC.INI|LAVAE|Server = 'New database server name'.  (This entry will only exist on your Trend Analysis Central Computer)
HKLM|Software|ODBC|ODBC.INI|vimsla|Server = 'New database server name'

7. Run the setup program on.
the primary central computer, and then on any secondary central computers. Make sure to install all hotfixes and service packs that were installed ignoring any errors after each update is applied. The setup program needs to run in order to create the SQL OnePoint jobs, users, and  groups on the new SQL server as well as update additional configuration information on each central computer.

Notes:

a. Make sure that the installing user has the 'system administrators' role on the new SQL server.

b. We recommend creating Global groups in advance and mapping these Global groups to the local OnePointOp groups during the installation. Login with a user that has the 'system administrators' right on the database server and run the setup program, selecting next on each screen.  Make sure to fill in the service account and configuration group passwords.  When the setup is finished run the 'Access Configuration' utility to repair the permissions on the new SQL server for any groups/users that are members of the local OnePointOp groups on the central computer.  This only needs to be done on the primary central computer.  There is no need to run the 'Module Installer'.

8. After the setup is completed on each central computer, verify that the NetIQ Security Manager and NetIQ Security Manager Core services start on all central computers.  If the NetIQ Security Manager Core service has been disabled by the OS due to the service being deleted, restart the server and then login with a user that has the 'system administrators' right on the database server and re-run the setup program selecting next on each screen.  Make sure to fill in the service account and configuration group passwords.  This will re-install the NetIQ Security Manager Core service which couldn't be installed before due to some open files.

9. Open the Monitor Console and verify whether agents can reconnect with the central computers.

10. Make the following changes on all User Interface only computers:

a. Update following registry entry:

HKLM|Software|NetIQ|Security Manager|Configurations|Default|MCSApplications|Operations GUI|Databases|Default = New database server name

b. Perform the following steps:

Rerun the setup program and choose the defaults.  This will upgrade the user interface only components.  Clean up the old database key from the registry by removing HKLM | Software | NetIQ | Security Manager | Databases | <old database name>


Note:   If you are moving your databases to a new SQL server with the same name, then you will want to follow the above steps, with the following modifications:

Under "To move the OnePoint, LogManagerSummary (on upgraded environment to 6.0), LogManagerConfiguration, and SecurityManagerCommon databases to a new database server:"

Follow steps 1-4.
In step 5, skip steps b-e.
Skip step 6, 10, and 11.

Additional Information

Formerly known as NETIQKB70993

Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. NetIQ Technical Support cannot guarantee that problems resulting from the incorrect use of Registry Editor can be resolved. Make sure you back up your registry prior to making any changes.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.