Basic Information
⦁ Sophos Enterprise Console (SEC) 5.5.0
⦁ One Management/Console Server
⦁ Database on a remote SQL Server – default instance
Database names
⦁ SOPHOS550
⦁ SOPHOSPATCH52
⦁ SophosSecurity
Database and Log File Names
⦁ SOPHOS550.mdf and SOPHOS550_log.LDF
⦁ SOPHOSPATCH52.mdf and SOPHOSPATCH52_log.LDF
⦁ SophosSecurity.mdf and SophosSecurity_log.LDF
SQL Server Settings
⦁ Database installed in the default MSSQLSERVER instance and not a SOPHOS instance – note the commands used with the batch files to backup and restore.
⦁ Sophos management user account called sopmgmt and this account has “sa” rights for SQL and is a member of the local administrators account on the server.
⦁ SQL Browser service running (install will not start if this service is not running).
⦁ Created a folder called C:\Temp\SophosBackups on both the new and existing SQL servers.
Note – to complete the install of the Sophos databases requires the SQL Server server to restarted.
Installation
Install the databases
⦁ Log on the new SQL Server server using the sopmgmt account.
⦁ Run the SEC installer and select Database Only from the options.
⦁ Change the instance name to MSSQLSERVER (can type free text in the dropdown box).
⦁ Set the account (used the logged on user – sopmgmt)
⦁ Restart the SQL Server server.
Stop Management Server Services
On the Management Server server stop the following services:
⦁ Sophos Management Service
⦁ Sophos Encryption Business Logic Service
⦁ Sophos Patch Endpoint Communicator Service
⦁ Sophos Patch Server Communicator
As this install was using a test environment the PowerShell command below was used to stop all Sophos Services:
get-service | ?{$_.DisplayName -ilike “Sophos*”} | stop-service
Backups
Note – use .\ to indicate the databases exist in the default SQL Server instance – the backup and restore batch files both default to a SQL instance named Sophos.
⦁ On the existing database server open an elevated Command Prompt and run the following command:
CD C:\Program Files\Sophos\Enterprise Console\DB\Core
Run the following in turn, assuming the backup location C:\Temp\SophosBackups exists:
⦁ backupdb.bat C:\Temp\SophosBackups\SOPHOS550db.bak .\ SOPHOS550
⦁ backupdb.bat C:\Temp\SophosBackups\SOPHOSPATCH52db.bak .\ SOPHOSPATCH52
⦁ backupdb.bat C:\Temp\SophosBackups\SophosSecuritydb.bak .\ SophosSecurity
⦁ Copy the backup files to C:\Windows\Temp\SophosBackups on the new SQL server.
Restores
⦁ On the new database server open an elevated Command Prompt and run the following command:
CD C:\Program Files\Sophos\Enterprise Console\DB\Core
Run the following in turn, assumng the backup location C:\Temp\SophosBackups exists:
⦁ restoredb.bat C:\Temp\SophosBackups\SOPHOS550db.bak .\ SOPHOS550
⦁ restoredb.bat C:\Temp\SophosBackups\SOPHOSPATCH52db.bak .\ SOPHOSPATCH52
⦁ restoredb.bat C:\Temp\SophosBackups\SophosSecuritydb.bak .\ SophosSecurity
Repoint the Management Server
On the Management Server change the server reference in the following registry locations to reflect the name of the new database server:
⦁HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Sophos\EE\Management Tools\DatabaseConnectionMS
⦁HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\ServerSecurity\DatabaseConnection
⦁HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Patch\SophosPatchConnectionString
⦁HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\ServerSecurity\DatabaseConnection
⦁ Restart the Management Server server.
Reference: https://community.sophos.com/kb/en-us/17323
Reference: https://community.sophos.com/kb/en-us/110380