SEE Clients communicate with a SEE Management Server and it does this with a designated URL that can be configured.
Symantec Endpoint Encryption Management Server has the ability to change web access, so if you have multiple SEE Management Servers, and you want to have a SEE Client communicate with a new server, you can do so via the Server Commands. This article describes how this is done.
First, it is a good idea to test a single machine and ensure everything works before you expand this to a wider group of systems.
Once you have identified the machine you want to change, right-click it, and you will see the following context menu:
Once you open the Web Access, it will have the screen similar to the following:
In the screenshot above, for this example, we have "server1.example.com" and "server2.example.com".
The existing client is pointed to "server1.example.com", so from the list, you can select "server2.example.com.
Confirm the URL for communications is correct. In this case, we'll call it "server2.example.com":
Choose whatever port you have. In most cases, https will be port 443. In this example, 8080 is being used just for testing purposes.
Under the "Certificate Data" section, if you are not changing the certificate, this will be empty. The only time this would change is if a new certificate is added.
If a new certificate is updated, be careful about changing the Root Certificate. This page could be used to update the certificate, but may be best to consult with Symantec Encryption Support if this is the needed.
If only the server certificate changes, typically there is no need to update this page.
The next page to update is this, and make sure the user entered has the proper password and will authenticate properly.
It is not necessary to change the username and password if the existing credentials still work.
All of the above information will be pulled from the client when it checks in at the next policy update interval.
NOTE: OAuth location is not able to be changed through the Change Web Access task. Currently if a change is needed, an installation or upgrade of a client package created from the server you wish to change the OAuth authentication to is required.
For additional information on this topic, see the following topics:
Scenario 1: Moving SEE Client from Old SEE Management Server to New SEE Management Server
163292 - Migrating from one SEE Management Server to another (Completely new SEE Database)
Scenario 2: (Moving from PGP client/sever to SEE client/server)
227509 - Migrating from Symantec Encryption Desktop to Symantec Endpoint Encryption (Drive Encryption components)
Scenario 3: Moving SEE Clients from the same database to another SEE Management Server with the same Database
154122 - How to Migrate Symantec Endpoint Encryption Management Console and all the clients from one Server to another Server, without moving the existing SQL Server
Scenario 4: Moving same SEE database from one DB instance to another
152340 - How to move the SEE-MS SQL database from one server/instance to another
Scenario 5: Update which hostname the SEE Clients use for communications (Keeping same database)
249333 - Changing Web Access for SEE Clients on Symantec Encryption Management Server
Scenario 6: Moving the SEE Database from one domain (original.example.com) to a completely new domain (new.example.net)
266993 - Migrating from one Domain to a New Domain with Symantec Endpoint Encryption Management Server (From Old Domain to a new Domain)