Antivirus Server Issue

vbongarala
vbongarala used Ask the Experts™
on
Hi Experts!!
We have depolyed primary SAV server ver 10.1 with Symantec Console and with 100 clients. For some reason we cannot access the console now. Due to this clients are not updating virus deftn files.We do not have a secondary server.

Is it possible that a newly built server can be made as a secondary server to the current primary server and all clients migrated to the secondary server ?
Thanks:)
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Hi,

When you try to access the SAV console, does it failes on authentication? Or have to forgot the credentials?
You may try to run Iforgot.exe file to reset the password.

Regards,
Pradeep Jhala
Hi,

You can follow the steps in this document to move clients from one primary server to another or secondary server.
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005041111454648?Open&docid=20051122084245935&nsf=local%20replicas%5Cinter%5Cent-securityintl.nsf&view=br_docid/pf&seg=ent

Regards,
Pradeep jhala
Basically you will need to copy the GRC.DAT file from secondary server to the clients machine under c:\documnet setting\...........\7.5 and restart the computer.

Regards,
Pradeep Jhala
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
Thanks for the prompt response.

I'm aware of the procedure to migrate clients from old primary server to new primary server.

But what i wanna know is - with access to primary server not available  via the symantec console, how is it that i can make another server as SECONDARY server and then point all clients to this as the primary server.

Hi,

You will need the SSC access for this. You didnt answer my first question about the SSC access.
Have you tried Iforgot.exe if you have forgot the password? Or there is any other access issue?

Regards,
Pradeep Jhala

Author

Commented:
Sorry if i missed that.
SSC access is not available. We remember the password but sitll it sys cannt connect.

Thanks:)
Hi,

Then probably it will be difficult to make this happen. So we might need to work on fixing SSC access first. Can you tell me when was the last time you were able to access it and whether any thing changed in that server that caused this issue?

Regards,
Pradeep Jhala

Author

Commented:
The issue with SSC access has been there for last 1 yr or so and everytime..it happens we reboot the server and issue gets fixed but then again after 10 dys issue reoccurs again.

No changes have been made.Also note that we do not have backup of PKI folder.

Thanks:)
Hi,

I was going through resources about this particular issue. And all ends to a possible solution as Either Upgrade or Reinstall of SSC console.
-But before doing that, if possible try to restart the server so that you can access the SSC console and set the secondary server.
-Once done, you can then reinstall the SSC console after taking the backup of the PKI folder:
-This article will help understand about PKI folder backup and restore in case of server failures.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005040513373748

Regards,
Pradeep Jhala

Author

Commented:
Seems to see some hope in your post. But i have few doubts:

1. Does reinstalling SSC fix the issue permanently ?

2. If i reboot the server and SSC access is restored, plz send me the procedure how to setup a
    secondary server for the current primary server or atleast the link ?

3. "Once done, you can then reinstall the SSC console after taking the backup of the PKI folder"
   
    Here you mean - once the SSC access is restored after the reboot, take the backup of PKI folder
    and then resintall SSC console ? Is this what you meant ?

4. PKI folder is created after reinstall of SAV or SSC ?

Thanks:)

 

Hi,

1) Yes as we have observed the issues in multiple environment, the reinstall of SSC has fixed this issue permanently.

2) You can check this document  to designate a primary server and / install secondary managed server:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006032717252948

3)Yes once the SSC is accessible, you can copy the PKI folder.

4)Once you install and designate the new primary server, you will need to backup the servergroup root certificates . Or the PKI folder itself. You will find all the information  in above posted link.

Regards,
Pradeep Jhala

Author

Commented:

Currently, both Symantec System Center and Symantec Antivirus are installed on the same server.

I know its possible to uninstall SSC with out affecting Symantec Antivirus ..but would appreciate if you could endorse it.

Thanks:)
Hi,

Yes you can for sure upgrade the SSC with SAV server installed. Just be cautious about the PKI and root certificate backup.

Regards,
Pradeep Jhala

Author

Commented:
Hi,

Thanks for the inpputs.I will try and get back to you,

Author

Commented:
Hi,

We did not get approval from client to uninstall and reinstall SSC from the current primary symantec server.

Instead, we installed  SAV and SSC fresh on another server, in a new server group and migrated 2 clients mapped to old primary server to this new primary server successfully. Encouraged by this - we are going ahead to migrate all clients to this new primary server.

But after migration is done, we need to come back to the old primary server and fix it. Following is required:

a. Resintall SAV and SSC again fresh on the old primary server and make it primary.

b. The newly installed primary server should be demoted as Secondary Symantec server and then
    used as backup.

Question is - How do we go about above 2 steps ? I find no documentation for this in Symantec site.

Thanks:)
Hi,

You have already given answer to your question within this post :)

The procedure that you followed right now to install SSC and SAV to another server and moved clients to them.
The same procedure you will need to follow to get the clients back to the old(repaired/fixed) primary server and console.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2005041111454648?Open&docid=20051122084245935&nsf=local%20replicas%5Cinter%5Cent-securityintl.nsf&view=br_docid/pf&seg=ent

So basically:
a) Reinstall SSC and the SAV on old server and then make this server as primary.
b) once the server is made primary you can follow the procedure to copy replace GRC.dat file to the clients so that they will again start reporting to this fixed primary server.
and then you can use the newly created server as ur backup secondary server.

Regards,
Pradeep Jhala

Author

Commented:
Once the old server is built and made primary, doesn't clients automatically migrate back to this old server ? Is copying .dat files the only way to migrate clients from one primary server to another ?

If this is the case, say, we make the old server (repair/fixed) primary server, then, obviously the another server would becomes the secondary server in the same server group. Right ?

As this time all clients have mapped to old server as their primary server.

What if now, the same old primary server crashes ? Do we promote secondary server in the same group as primary and again follow the copy process of .dat file from this server to all clients again to make them mapped to this server again ?

Is this the only way  to make clients talk to secondary server when it becomes primary ?

Thanks:)

Author

Commented:
Thanks a lot.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial