Moving an Existing GSS Server to a New Domain

book

Article ID: 211201

calendar_today

Updated On:

Products

Ghost Solution Suite

Issue/Introduction

The Customer is planning to move the GSS (Ghost Solution Suite) server to different domain.

The following is the scenario considered:

  • The only change is the actual domain name. For example: DomainOld.com to DomainNew.com
  • The GSS server name and IP Address staying the same (besides changing the domain name)
  • The SQL Server is installed in the same server as the GSS server.

 

Environment

GSS 3.3 RUx

Resolution

Note: The following steps are provided in the scenario when Domain in GSS setup (GSS server with Local PXE + Remote PXE) is changed with IP change and Account change. 

Make the following changes (please make a backup copy of any of the files suggested to modify/verify):

1. Console Security. You want to turn off console security if it is enabled (under Tools > security). This should be done before changing domain, while Console is accessible and working.

2. Stop Altiris services after domain change at GSS and PXE servers to let to perform changes in configurations.

3. If domain is changed and SQL login is affected by this change(old login is not valid anymore), as first step after domain change, it is required to create new SQL login and DB User for new domain account to prevent loosing SQL connection.

So if it is needed please perform the following steps:
a. Login new SQL instance as admin
b. Run the following query (instead of 'sa' you may put another login that is sysadmin for current SQL instance)
use [eXpress]
go
exec sp_changedbowner 'sa'
go

c. Under SQL instance Open "Security > Logins"
d. Select new login account customer would like to use. For example "AD\svcGhost". If it does not exist, please create it(it may be Windows local user or AD account or sql login)
e. In "Properties" of selected Login, Ensure that [eXpress] DB is selected under "User Mappings" and it has [public] + [db_owner] and apply changes
f. Under eXpress DB, Open "Security > Users"
g. Ensure user is created, under "General" properties has Login Name selected in Step 3.d above, under "Membership" properties has db_owner.

4. Update the AppID account (service account) used to new account from new domain.
Since the AppID/Service account is part of the old domain, you will need to change this:

To specify or change the Ghost Solution Suite Server service account:

  • From the Control Panel of the Ghost Solution Suite Server computer, open the Altiris Deployment Server (32-bit).
  • Click Account.
  • Choose whether you want to use the Local System account or a user-defined account.
  • If you choose a user-defined account, you must enter the user name and password. Click OK.
  • In the Service Logon Account dialog, select an account option.

5. Review Altiris services and services 'Log On' settings and update to new account accordingly where needed.

6. Update PXE reference for the domain. "Pxe.ini" lists a domain so they need to change there as well. Go to C:\Program Files (x86)\Altiris\eXpress\Deployment Server\PXE\pxe.ini

7. Review content of ..\eXpress\Deployment Server\default.cfg located at GSS server and update Names/IPs accordingly to changes. 

8. Review content of ..\eXpress\Deployment Server\PXE\PXEManager.ini located at GSS server and update Names/IPs accordingly to changes

9. Review content of ..\eXpress\Deployment Server\PXE\pxe.ini located at PXE servers and update Names/IPs accordingly to changes

10. Review content of ..\eXpress\Deployment Server\PXE\RPC.ini located at PXE servers and update Names/IPs accordingly to changes

11. Start services at GSS and PXE servers