How to Restore the Root Management Server Encryption Key in Operations Manager 2007

  • Article

Applies To: Operations Manager 2007 R2, Operations Manager 2007 SP1

To restore the root management server (RMS) key, you need to use the SecureStorageBackup tool. The tool can start the Encryption Key Backup or Restore Wizard, or run as a command-line tool. The availability and behavior of the tool depends on whether or not the console is installed on the management server.

The SecureStorageBackup tool behaves as follows:

  • If the console and a management server are both installed, the tool is installed in the Microsoft System Center Operations Manager 2007 installation folder.

    In this case, if you start the tool without arguments, it starts the Encryption Key Backup or Restore Wizard. If you start the tool with arguments, it runs as a command-line tool.

  • If the console is not installed, the SecureStorageBackup tool is not installed. In this case, to use the tool, you must first copy it from the SupportTools folder on the installation media to the installation folder on the management server. For example, this happens if you are installing Operations Manager on a clustered RMS without installing the console on any server.

    In this case, the tool runs as a command-line tool, and you must provide proper arguments. You can run SecureStorageBackup.exe with the '/?' switch to get help for the tool.

Use the procedures below to restore the root management server encryption key, which is on the same server when recovering the root management server or on a different server when creating a clustered root management server.

To start the Encryption Key Backup or Restore Wizard to restore the Root Management Server encryption key

  1. Log on to the computer hosting the root management server with an account that is a member of the Administrators group.

  2. Open a command prompt window using the Run as Administrator option.

  3. At the command prompt, enter the following:

    cd <Operations Manager Installation Folder>

    SecureStorageBackup

  4. In the Encryption Key Backup or Restore Wizard, on the Backup or Restore? page, select the Restore the Encryption Key option and then complete the wizard.

To run the SecureStorageBackup tool in command-line mode to restore the root management server encryption key

  1. In a command prompt window using the Run as Administrator option and, enter the following:

    cd\<Operations Manager Installation Folder>

    SecureStorageBackup Restore <BackupFile>

  2. At the Please enter the password to use for storage/retrieval prompt, type the password, and then press ENTER.

    Use the same password that was used to back up the encryption keys.