McAfee ePO Backup - Restore

Step 1 - Backups.

Backup the ePO database:

Back up the ePO database using the DBBAK utility or SQL Enterprise Manager.

NOTE: The DBBak.Exe utility cannot be used to back up or restore the ePO 4.0 database if it resides in
either a Microsoft SQL Server 2005 or 2005 Express Edition version. For further details see the following
article

Backup the following folders:

...\Program Files\McAfee\ePolicy Orchestrator\DB\ (default installation path for ePO 4.0)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Extensions\ (default installation path
for software extensions)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Conf\Catalina\ (default path for
required files used by software extensions)
...\Program Files\McAfee\ePolicy Orchestrator\Server\Keystore\ (default path for server
certificates)

Backup the Key-Store Pairs:

NOTE: This backs up the repository and agent communication keys. These are stored in the
following folder by default: ...\Program Files\McAfee\ePolicy Orchestrator\DB\Keystore\

1. Log on to the ePO console with an Admin account.

2. Click the Configuration, Server Settings tabs.
3. In the left pane, select the Security Keys.
4. In the right pane, click Edit.
5. In the Import and back up keys section, click Back UP All, then click Save.(Specified
file = keystore.zip).
6. Click Save to close the Edit Security Keys window.

Step 2 - To restore the ePO server to a new system after a server crash:

1. Set up a new ePO 4.0 server on another system with the same IP address and Hostname,
using the previously specified default Admin password.

IMPORTANT:
- You must reinstall ePO to the exact same directory path as the previous
installation or initialization of extensions will fail when the restore is complete.
- If the same IP address and Hostname are not used on the new server, all agents which
report to the server must be re-pushed to replace the local copies of SiteList.xml.
2. Use the same port numbers that were used during the original installation.

NOTE: The server.ini file located in the previous installation (c:\Program

Files\McAfee\ePolicy Orchestrator\DB) stores this information as follows by default:

HTTPPort= 80 (Agent-to-Server communication port)

AgentHttpPort= 8081 (Agent Wake-Up communication port)
SecureHttpPort= 8443 (Console-to-Application Server communication port)
BroadcastPort= 8082 (Agent Broadcast communication port)

3. During the installation of ePO 4.0, use the original SQL server or a new SQL Server
where the SQL backup can be restored. Use the same Authentication type for database
connection credentials.
(Example: NT or SQL Authentication)

See step 8 for information on restoring the database.

NOTE: If you use the original SQL server, the installer will attempt to create a database
called ePO4_<epo_servername>. Because the name of the original ePO server is retained,
the original database has to be backed up and detached. Otherwise, the installer prompts
you to overwrite the existing database.

4. After installing ePO 4.0, apply all Patches and Hotfixes that were installed on the original
ePO server.

NOTE: If you are using Policy Auditor 5.x, reinstall the same version and apply the
same Hotfixes that were originally installed.

5. Log on to the new ePO 4.0 server.

6. On the new ePO 4.0 server, click Start, Run, type services.msc, and click OK.
7. Right-click each of the following services and select Stop:

McAfee ePolicy Orchestrator 4.0.0 Application Server

McAfee ePolicy Orchestrator 4.0.0 Event Parser
McAfee ePolicy Orchestrator 4.0.0 Server

8. Restore the backed up copy of the ePO database via SQL Enterprise Manager or using
DBBak.Exe

9. Restore the contents of the following backed up folders to their original locations:

...\Program Files\McAfee\ePolicy Orchestrator\DB

...\Program Files\McAfee\ePolicy Orchestrator\Server\Extensions
...\Program Files\McAfee\ePolicy Orchestrator\Server\Conf\Catalina
...\Program Files\McAfee\ePolicy Orchestrator\Server\Keystore
 NOTE: Replace the existing folders for the paths listed above with the contents of the
backed up copies.

10. On the new ePO 4.0 server, click Start, Run, type services.msc, and click OK.
11. Right-click each of the following services and select Start:

McAfee ePolicy Orchestrator 4.0.0 Application Server

McAfee ePolicy Orchestrator 4.0.0 Event Parser
McAfee ePolicy Orchestrator 4.0.0 Server

12. Click Start, Run type IExplore.exe, and click OK.

13. Navigate to the following URL to open the Configure Database Settings page:

https://<servername>:8443/core/config

NOTE: If you do not use the default port (8443), substitute your correct console login
port.

14. Under Configure Database Settings, verify the following entries:

Database server name
Database server instance
Database server port
Database name
User name
User domain
User password

NOTE: If any changes are made to the entries above, ensure that you click Test
Connection (bottom right corner) to verify the connection to the database is successful
with the new settings before continuing.

15. If any changes are made on the Configure Database Settings page, do the following:
a. Click Apply (to save the changes).
b. Restart the ePO 4.0 services.

16. Log on to the ePO 4.0 console.

17. Deploy the ePO agent only to the ePO server.

NOTE: This replaces the new agent keys on the ePO server with the restored ones from
the previous installation. All other existing agents on the network will retain the proper
keys and will not need to re-deployed.
Step 3 - Restoring the Previous Key Pairs:

1. Log on to the ePO console with the original username and password from the old ePO
server.
(Refer to the product guide for information on logging on to the ePO console)
2. Click the Configuration, Server Settings tabs.
3. In the left-hand pane, select the Security Keys.
4. In the right-hand pane, click Edit.
5. In the Import and back up keys section, click Restore All.
6. Click Browse and navigate to the keystore.zip, then click Open.
7. Click Next, Restore.
8. Click Save to close the Edit Security keys Window.