Notification Server Disaster Recovery—database restoration on new/rebuilt system

book

Article ID: 179830

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

 

Resolution

Question
Scenario:
The Notification Server has a critical operating system or Hardware level failure. The Notification Server application is installed on a new/rebuilt computer and is connected to the original remote SQL database or restored local version.

What happens with NS security? The original SID (security identifiers) of the previous NT logon accounts may be different on the new computer.

Answer
The database configuration process will attempt to restore the roles:

  1. If the security roles relate to a local group with the same SID, they will be set to use that group.
  2. If there is no local group with the same SID, but there is a group with the same name, the security roles will be set to use that local group
  3. If there is no local group with the same SID or name, a new group will be created and the role will use that group. Membership of that group will not be restored.

If there are ACEs (access control entities) referencing SIDs other than roles, they will remain unchanged. If the SIDs can be resolved to a valid group they are used if they cannot be resolved they will be ignored.

When an Altiris solution is installed, the installation consists of two parts:
  • The MSI installation creates and populates the file system (folders/files) and then it writes the required entries in the registry.
  • AeXConfig.exe is launched with the /configure switch; this command is used to import the database schema and the objects into the configured Notification Server database.

Note: When solutions are installed and then configured, any existing solution specific data in the database will be overwritten.

When Notification Server is installed as a Disaster Recovery process, and when an existing database is required to be used, we recommend using the following recovery process:

IMPORTANT: The new Notification Server and installed solutions need to be taken to the same "product and version state" as was the old Notification Server

  1. Install Notification Server (verify the version that needs to be installed) and configure it to use a temporary database—generally it is advised to use a name other than Altiris since this may be the name of your existing database.
  2. Apply all Notification Server services packs or hotfixes that were previously used (version state is very important).
  3. Install only the solutions used with the old Notification Server (product state and version state are very important).
  4. Once the new Notification Server and installed solutions are in the same product and version state as was the old Notification Server, go to the Configuration tab of the NS Admin Web console and use the Database Settings option to point Notification Server to the existing database
  5. Go to Add or Remove Programs, select Altiris Notification Server and run the repair option.
  6. (OPTIONAL) Replace the CoreSettings.config file on the new Notification Server with the most recent CoreSettings.config file from the old Notification Server as this file is essentially the registry of the Notification Server.
  7. Restart Notification Server, and the database should be aligned to the SID and the pre-existing roles

Note: The above steps will preserve all custom items created on the original Notification Server and stored in the original database (and CoreSettings.config file).