Upgrade from 3.5.1 and below to 3.6.2 and above fails.

book

Article ID: 224500

calendar_today

Updated On:

Products

Endpoint Threat Defense for Active Directory

Issue/Introduction

  • Threat Defence for Active Directory (TDAD) Upgrade will hang with no errors. 
  • updater server upgrades then it doesn’t upgrade any other components. 

Cause

The upgrade to 3.6.2 or later is a significant step from our infrastructure perspective; for example, the internal database is migrating from MongoDB to MySQL/MS-SQL and lite DB databases. The Java core components were also upgraded. These major changes can cause problems in the upgrade process. 

Environment

TDAD 3.5.1 and below attempting to upgrade to 3.6.2 and above. 

Resolution

Upgrade from 3.5.1 and below may require a staging step to middleware temporarily build.

Upgrade steps:

  1. Take a snapshot of servers (core/remote DM's), or backup for rollback scenario.
  2. Validate current state of tdad, sepm, and general AD infrastructure brief (login to SEP, login to TDAD, validate services are running, document the current version and users in use (the DM service user (at the application pool), and the deceptive account (at the policy))
  3. Phase I: 
    1. Upgrade current build (3.5.1) to staging Intermediate build (3.6.0.0)    
      • Download "SETDAD_UPDATE_3.6.0.0_SIGNED.zip" from the Download Center to the TDAD server
      • Navigate to the Settings > System Update page in the Threat Defense for AD console.
      • Press Install Update Manually
      • Browse and select the file in the dialog box.
      • Press OK.
    2. testing and health check (Described later)
  4. Phase II: 
    1. Upgrade to version 3.6.2.2+
      • Download the most current TDAD version from the Download Center
      • Navigate to the Settings > System Update page in the Threat Defense for AD console.
      • Press Install Update Manually
      • Browse and select the file in the dialog box.
      • Press OK.
  5. Phase III:
    1. health check
      • Simulate alarms for testing
      • verify DB changed to LiteDB - 
      • C:\Program Files\Symantec\Endpoint Threat Defense for AD\DB\ - check the existence of DB's
      • during the upgrade and after - check for errors in the Upgrade log if needed: "C:\Program Files\Symantec\Endpoint Threat Defense for AD\SETDADUpdateSvc\Logs\SETDADUpdateSvc.log."
      • check all services up and running from the services.msc/sc command (or PowerShell - Get-Service -Name SETDAD*)
      • verify the Symantec Tomcat service is referring Tomcat 9 (at the service path)
      • verify the versions are changed

Note: When the upgrade is finished, the AD topology checking and the AI engine procedures are triggered (AI engine rebuilding the deceptive information (in large organizations can take few hours)

The 3.6.0.0 upgrade file can be found in the Download Center under Symantec Threat Defence for Active Directory Release : 3.6.0. The latest upgrade from here can be found in the Download Center.