RMS Disaster Recovery – part II

In my last post I was doing some test with recovery of the root management server, where I restored a RMS without the encryption key. In this lab I will promote my second management server to RMS and then I will switch back the RMS role again. I have a root management server (RMS) named CO-OPSMGR-RMS and my other management server CO-OPSMGR-ACS.  

First I need to do a backup of the RMS encryption key

  1. Copy SecureStorageBackup.exe from the installation CD (X:\SupportTools) to the Ops Mgr installation directory (C:\Program Files\System Center Operations Manager 2007\)
  2. Open a command prompt and go to the installation directory
  3. Run the following commando: SecureStorageBackup.exe Backup C:\BackupOfKey.bin
  4. You will be asked to input a password to protect the file

Now I have a backup of my RMS, C:\BackupOfKey.bin. The next step is to import the excryption key to the other management server, and then promote the server to RMS. On your management server (non RMS): 

  1. Copy SecureStorageBackup.exe from the installation CD (X:\SupportTools) to the Ops Mgr installation directory (C:\Program Files\System Center Operations Manager 2007\)
  2. Copy ManagementServerConfigTool.exe from the installation CD (X:\SupportTools) to the Ops Mgr installation directory (C:\Program Files\System Center Operations Manager 2007\)
  3. Copy the encryption key backup from the RMS to the other management server Ops Mgr installation directory
  4. Open a command prompt and go to the installation directory
  5. Run the following command: SecureStorageBackup.exe Restore BackupOfKey.bin
  6. You will be asked to input a password
  7. Verify that the key was successfully restored
  8. Run the flollowing command: ManagementServerConfigTool.exe promoteRMS
  9. You will see a warning, read it and then press Y and enter
  10. Make sure you get a “PromoteRMS performed successfully” (also look for any information about additional commands that needs to be run on the orginal RMS)

If you new management server cant contact your orginal RMS you will have to run the following command on the orginal RMS, “ManagementServerConfigTool.exe UpdateDemotedRMS”, but dont worry, the ManagementServerConfigTool.exe will tell you to run it if necessary.

If you start the Ops Mgr console on your orgnal RMS you will have to choose to connect to your new RMS, as the SDK service is no longer running local.

I read somewhere that reporting will not work on the new RMS, and I can confirm that. If I start the console on the new RMS and click reporting a get a “Loading reporting hierarchy failed” message. But if the orginal RMS is online, even as a normal management server, the reporting part is working from the new RMS.

To restore the RMS role back to your orginal RMS

  1. Open a command prompt on your orginal RMS and go to the Ops Mgr installation directory
  2. Run the following command: ManagementServerConfigTool.exe promoteRMS
  3. You will see a warning, read it and then press Y and enter
  4. Make sure you get a “PromoteRMS performed successfully” (also look for any information about additional commands that needs to be run on the orginal RMS)

If you new RMS can´t contact your current RMS you will have to run the following command on the current RMS, “ManagementServerConfigTool.exe UpdateDemotedRMS”, but dont worry, the ManagementServerConfigTool.exe will tell you to run it if necessary.

That should do it, now your orginal RMS is the RMS again.

One thought on “RMS Disaster Recovery – part II

Comments are closed.