Moving Symantec Endpoint Manager to another server

Dennis Foote - Systems Engineer

While trying to move my Symantec manger to a new server in our environment, I found the following instructions on Symantec’s website and they worked like a charm! 

 MACHINE_2 will have both IP and hostname different from MACHINE_1

  1. Install Symantec Endpoint Protection Manager on MACHINE_2
    NOTE: The version installed to the new server must be the same version as on the old server. The new management console can be migrated to a newer version once the transition is complete.
  2. In the Management Server Configuration Wizard panel, check Install an additional site, and then click Next
  3. In the Server Information panel, accept or change the default values for the following boxes, and then click Next
    • Server Name
    • Server Port
    • Server Data Folder
  4. In the Site Information panel, accept or change the name in the Site Name box, and then click Next
  5. In the Replication Information panel, type values in the following boxes:
    • Replication Server Name
      The Name or IP address of MACHINE_1
    • Replication Server Port
      The default is 8443.
    • Administrator Name
      The Username used to log on to the old console.
    • Password
      The password used to log on to the old console.
  6. Click Next
  7. In the Certificate Warning dialog box, click Yes
  8. In the Database Server Choice panel, do one of the following, and then click Next:
    Check Embedded database or Microsoft SQL server (whichever database type you'd prefer to install), then complete the installation.
  9. Log in to the new SEPM on MACHINE_2 and ensure that all the clients and policies have Migrated successfully.
  10. Click Policies > Policy Components > Management Server Lists > Add Management Server List
  11. Click Add> Priority and a new Priority would get added named as "Priority2"
  12. Add MACHINE_1 under Priority 2 and add MACHINE_2 under Priority 1, and assign this New Management Server List to all the groups.
  13. Wait at least one replication cycle.
  14. Stop the "Symantec Endpoint Protection Manager" and "Symantec Embedded Database" service on MACHINE_1 to verify whether all clients now report to the new SEPM on MACHINE_2
  15. Once verified that all the clients are reporting into the new SEPM, and have moved away from the old one, proceed to the next step.
  16. Delete the Replication Partner from MACHINE_2 SEPM: Click on the Admin button | Under View Servers, Expand Replication Partners and select the partner to delete | Under Tasks, choose Delete Replication Partner | Type Yes when asked to verify deletion of the replication partner.
  17. After the successful Migration, uninstall SEPM from MACHINE_1