Restoring MDM Server Components

2/9/2009

In the event of failure, you can restore an MDM server without major impact to the MDM environment. Before restoring an MDM server, you should run MDM Cleanup Tool to automate the removal of remnant MDM files and settings. To download MDM Cleanup Tool, see MDM Server Tools at this Microsoft Web page: https://go.microsoft.com/fwlink/?LinkID=127030.

Follow the guidance below to recover MDM server components from unexpected failures. You can also follow this guidance to move MDM components from one server to a different server.

Recovering from an MDM Device Management Server Failure

To recover an MDM Device Management Server from failure, follow these steps:

  1. Open SQL Server Management Studio, expand <servername>, expand Databases, expand AdminServices, expand Tables, right-click dbo.Servers, and then select Delete.

    Note

    If you have a single server and use a different fully qualified domain name (FQDN) for the new server, clear the url= and adminurl= keyword values in the Active Directory service connection point (SCP).

    If your deployment has more than one MDM Device Management Server, do not perform this step because the URL in the SCP is for the load balancer.

  2. Open Active Directory Users and Computers, expand <domain name>, and then select SCMDM Infrastructure Groups (<instance name>).

  3. In the right pane, right-click SCMDMDeviceManagementServers (<instance name>), and then select Properties.

  4. In the SCMDMDeviceManagementServers (<instance name>) dialog box, on the Members tab, select the computer object for MDM Device Management Server, and then select Remove.

    Warning

    Remove only the computer object from the SCMDMDeviceManagementServers infrastructure group membership; do not remove the infrastructure group itself.

  5. On the new server, install all of the prerequisite hardware and software as described in System Requirements for MDM Servers and Managed Devices and Configuring Infrastructure for MDM Deployment.

  6. Install MDM Device Management Server as described in Step 3: Installing MDM Device Management Server. You can also install the Administrator Tools on MDM Device Management Server, if necessary.

Recovering from an MDM Enrollment Server Failure

To recover an MDM Enrollment Server from failure, follow these steps:

  1. Open SQL Server Management Studio, expand <servername>, expand Databases, expand AdminServices, expand Tables, right-click dbo.Servers, and then select Delete.

    Note

    If you have a single server and use a different fully qualified domain name (FQDN) for the new server, clear the url= and adminurl= keyword values in the Active Directory service connection point (SCP).

    If your deployment has more than one MDM Enrollment Server, do not perform this step because the URL in the SCP is for the load balancer. For information about modifying SCPs, see Modify an MDM Active Directory Service Connection Point.

  2. Open Active Directory Users and Computers, expand <domain name>, and then select SCMDM Infrastructure Groups (<instance name>).

  3. In the right pane, right-click SCMDMEnrollmentServers (<instance name>), and then select Properties.

  4. In the SCMDMEnrollmentServers (<instance name>) dialog box, on the Members tab, select the computer object for MDM Enrollment Server, and then select Remove.

    Warning

    Remove only the computer object from the SCMDMEnrollmentServers infrastructure group membership; do not remove the infrastructure group itself.

  5. On the new server, install all of the prerequisite hardware and software as described in System Requirements for MDM Servers and Managed Devices and Configuring Infrastructure for MDM Deployment.

  6. Install MDM Enrollment Server as described in Step 2: Installing MDM Enrollment Server. You can also install the Administrator Tools on MDM Enrollment Server, if necessary.
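
The group-membership cleanup in steps 2 through 4 of the two procedures above can also be scripted. The following PowerShell is an added example, not part of the original Microsoft guidance. It assumes the ActiveDirectory module is available and that each group's Name attribute matches the label shown in Active Directory Users and Computers; the instance name and server name are placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Added example: the two values below are placeholders, not taken from the page.
$InstanceName = 'MDMInstance1'   # stands in for <instance name>
$FailedServer = 'MDMSRV01'       # computer name of the failed MDM server

$Groups = @(
    "SCMDMDeviceManagementServers ($InstanceName)",
    "SCMDMEnrollmentServers ($InstanceName)"
)

foreach ($name in $Groups) {
    # Assumption: the group's Name attribute equals the label shown in
    # Active Directory Users and Computers.
    $group = Get-ADGroup -Filter "Name -eq '$name'"
    if (-not $group) {
        Write-Warning "Group '$name' not found; check the instance name."
        continue
    }

    # Look only at computer objects whose name matches the failed server.
    $stale = Get-ADGroupMember -Identity $group |
        Where-Object { $_.objectClass -eq 'computer' -and $_.Name -eq $FailedServer }

    if ($stale) {
        # Removes the membership only; the infrastructure group itself stays.
        Remove-ADGroupMember -Identity $group -Members $stale -Confirm:$true
    }
    else {
        Write-Output "${name}: no membership found for $FailedServer"
    }
}
```

A failed server that held only one role is reported as having no membership in the other group, which is expected.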

Recovering from an MDM Gateway Server Failure

If your deployment uses a single MDM Gateway Server computer, then client devices will not be able to connect while you are restoring the server. To recover an MDM Gateway Server from failure, follow these steps:

  1. Install all of the prerequisite hardware and software as described in System Requirements for MDM Servers and Managed Devices and Configuring Infrastructure for MDM Deployment.

  2. Create the gateway certificate and install MDM Gateway Server as described in Step 5: Installing MDM Gateway Server.

    If you use the same server name, IP address, and FQDN, then the Gateway Management node in MDM Console should connect successfully.

    If you use a different server name, IP address, or FQDN, then delete the Gateway Management node from MDM Console, and run the Add MDM Gateway Wizard to add the new configuration information.

    Note

    Make sure that an ‘A’ record exists in DNS for the new server; or, modify an existing record to reference the new server if the new MDM Gateway Server is using a new external IP address.

If your deployment uses an array of MDM Gateway Server computers, then follow these steps to recover from an MDM Gateway Server failure:

  1. Make sure that the DNS or the gateway routing tables are updated so that client devices can connect to the next MDM Gateway Server.

  2. Create the gateway certificate and install MDM Gateway Server as described in Step 5: Installing MDM Gateway Server.

    If you use the same server names, IP addresses, and FQDNs, then the Gateway Management nodes in MDM Console should connect successfully.

    If you use different server names, IP addresses, or FQDNs, then delete the Gateway Management nodes from MDM Console, and run the Add MDM Gateway Wizard to add the new configuration information for each MDM Gateway Server.

    Note

    Make sure that an ‘A’ record exists in DNS for the new server; or, modify an existing record to reference the new server if the new MDM Gateway Server is using a new external IP address.

  3. In Event Viewer, check the VPN Mobile Policy Engine to confirm that MDM Gateway Server received the configuration from MDM Device Management Server. Also check for VPN Mobile Connection events to confirm that devices are connecting to the new server.