Tag Archives: SEC

Migrating the Sophos Enterprise Console Databases to a New Server

Basic Information
⦁ Sophos Enterprise Console (SEC) 5.5.0
⦁ One Management/Console Server
⦁ Database on a remote SQL Server – default instance

Database names
⦁ SOPHOS550
⦁ SOPHOSPATCH52
⦁ SophosSecurity

Database and Log File Names
⦁ SOPHOS550.mdf and SOPHOS550_log.LDF
⦁ SOPHOSPATCH52.mdf and SOPHOSPATCH52_log.LDF
⦁ SophosSecurity.mdf and SophosSecurity_log.LDF

SQL Server Settings
⦁ Database installed in the default MSSQLSERVER instance and not a SOPHOS instance – note the commands used with the batch files to backup and restore.
⦁ Sophos management user account called sopmgmt and this account has “sa” rights for SQL and is a member of the local administrators account on the server.
⦁ SQL Browser service running (install will not start if this service is not running).
⦁ Created a folder called C:\Temp\SophosBackups on both the new and existing SQL servers.

Note – to complete the install of the Sophos databases requires the SQL Server server to restarted.

Installation
Install the databases
⦁ Log on the new SQL Server server using the sopmgmt account.
⦁ Run the SEC installer and select Database Only from the options.
⦁ Change the instance name to MSSQLSERVER (can type free text in the dropdown box).
⦁ Set the account (used the logged on user – sopmgmt)
⦁ Restart the SQL Server server.

Stop Management Server Services
On the Management Server server stop the following services:
⦁ Sophos Management Service
⦁ Sophos Encryption Business Logic Service
⦁ Sophos Patch Endpoint Communicator Service
⦁ Sophos Patch Server Communicator

As this install was using a test environment the PowerShell command below was used to stop all Sophos Services:

get-service | ?{$_.DisplayName -ilike “Sophos*”} | stop-service

Backups
Note – use .\ to indicate the databases exist in the default SQL Server instance – the backup and restore batch files both default to a SQL instance named Sophos.

⦁ On the existing database server open an elevated Command Prompt and run the following command:
CD C:\Program Files\Sophos\Enterprise Console\DB\Core

Run the following in turn, assuming the backup location C:\Temp\SophosBackups exists:

⦁ backupdb.bat C:\Temp\SophosBackups\SOPHOS550db.bak .\ SOPHOS550
⦁ backupdb.bat C:\Temp\SophosBackups\SOPHOSPATCH52db.bak .\ SOPHOSPATCH52
⦁ backupdb.bat C:\Temp\SophosBackups\SophosSecuritydb.bak .\ SophosSecurity
⦁ Copy the backup files to C:\Windows\Temp\SophosBackups on the new SQL server.

Restores
⦁ On the new database server open an elevated Command Prompt and run the following command:
CD C:\Program Files\Sophos\Enterprise Console\DB\Core

Run the following in turn, assumng the backup location C:\Temp\SophosBackups exists:

⦁ restoredb.bat C:\Temp\SophosBackups\SOPHOS550db.bak .\ SOPHOS550
⦁ restoredb.bat C:\Temp\SophosBackups\SOPHOSPATCH52db.bak .\ SOPHOSPATCH52
⦁ restoredb.bat C:\Temp\SophosBackups\SophosSecuritydb.bak .\ SophosSecurity

Repoint the Management Server
On the Management Server change the server reference in the following registry locations to reflect the name of the new database server:

⦁HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\EE\Management Tools\DatabaseConnectionMS
⦁HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\ServerSecurity\DatabaseConnection
⦁HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Patch\SophosPatchConnectionString
⦁HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\ServerSecurity\DatabaseConnection

⦁ Restart the Management Server server.

Reference: https://community.sophos.com/kb/en-us/17323
Reference: https://community.sophos.com/kb/en-us/110380