Migrating Mobile Security for Enterprise (TMMS) 8.0

Migrating Mobile Security for Enterprise (TMMS) 8.0 to version 9.0
Before Migration
You must have TMMS 8.0/8.0 SP1 installed before upgrading to TMMS 9.0. Pay attention to the following
when migrating from TMMS 8.0/8.0 SP1 to TMMS 9.0:
Important: Upgrade the TMMS 8.0 server to version 8.0 SP1 before doing the migration.
1. The current version does not support migration from TMMS 8.0 to TMMS 9.0 using Cloud
Communication Server. If you use Local Communication Server in TMMS 9.0, you need to install the
Local Communication Server on the computer that has the same server address and port with
Communication Server 8.0, refer to "Step 4: Restore in TMMS 9.0".
2. After migration, all Android devices will receive a notification to upgrade the agent to 9.0; after the
upgrade, the device can be managed by the server through the new agent. All iOS devices will receive
a notification to download the new iOS agent from the app store; and an application icon named
"TMMS upgrade" will be provisioned to the home screen. When the agent is installed, users need to
click the icon in order for the agent to communicate with the server. The TMMS upgrade icon will be
deleted automatically after the agents connect to the server. There is no need to re-enroll the device
again; and no need to remove or re-install any profile.
3. For TMMS 8.0 only, you need upgrade the server to version 8.0 SP1 before migrating to TMMS 9.0.
There is no need to upgrade all device agents to 8.0 SP1 because all device agents of TMMS 8.0 can
be upgraded to TMMS 9.0 directly. Make sure the server upgrade from TMMS 8.0 to 8.0 SP1 is
successful; you can let several Android and iOS devices be updated to 8.0 SP1 to verify if the upgrade
is successful.
Frequently Asked Questions (FAQ)

Before doing restoration, do we need to copy any file from TMMS 8.0?
Yes. You need to copy the following files:
 Database backup file
 configuration backup files
Refer to "Step 3. Copy The Back Up Files" for detailed information.

Could we migrate from TMMS 8.0 using SQL Server 2008 to TMMS Mobile Device Management
(MDM) 9.0 using SQL Server 2005?
No. Trend Micro recommends using the same version of SQL Server for TMMS 8.0 and TMMS 9.0. If
you use different versions, make sure that the database backup file could be restored from TMMS 8.0
to TMMS 9.0.
OVERVIEW
Below is the deployment structure of TMMS migration tool:
1
deployment
Source
(MDM 8.0)
Destination
(MDM 9.0)
Database
Database
Backup files
Database
MDM
Configuration
MDM
Migration tool
When you migrate from TMMS version 8.0 to 9.0, you need to back up the files from version 8.0 and then
restore the files in the computer where version 9.0 will be installed.
The backup file includes two parts:
 Database backup file: Backup of version 8.0 database.
 Configuration backup files: Backup of version 8.0 configuration files in the Management Server.
TMMS version 8.0 and TMMS version 9.0 cannot be installed in the same computer at the same time.
If you want to keep using the same computer, you need to use the migration tool to back up all the important
files and then uninstall TMMS 8.0. After removing version 8.0, you can now install version 9.0.
Important: Do not uninstall TMMS 8.0 before you back up the data in the server. If you uninstall TMMS 8.0
before you back up all the important files, you will lose all the data.
Refer to the TMMS Migration Tool User Interface (UI) below:
2
Source
 S1: Version of Source Management Server.
 S2: Source TMMS installation path, which will be shown after the source version is selected.
 S3: Path of Source Database backup file.
 S4: Backup button. This button will be enabled if the Management Server is correctly installed and the
version is correctly selected.
Destination
 D1: Version of Destination Management Server. In current release, 9.0 is supported.
 D2: Destination of TMMS installation path which will be shown after the source version is selected.
 D3: Path of Destination Database backup file.
 D4: Restore button. This button will be enabled if the Management Server is correctly installed and the
version is correctly selected.
Note: To deploy the migration tool, you only need to copy the migration tool package (migration.exe) to the
computer where the management server is installed.
3
Step 1: Preparation
1. Before doing the migration, install SQLcmd tool. Refer to readme.txt.
Note: If the operating system is Windows Server 2008 or lower version, after sqlcmd tool is correctly
installed, you need to add the full path of "sqlcmd.exe" to Environment Variables manually.
In this part, we will take Windows Server 2003 as example:
A. Open the Environment Variables:
 Right-click My Computer > Properities > Advanced tab > Environment Variables.
In Windows Server 2008, the steps are similar:
 Right-click Computer > Properities > Advanced System Settings > Advanced tab >
Environment Variables.
B. In System variables section, select Path then click Edit.
4
C. Add the full path of sqlcmd.exe.
The sample full paths of sqlcmd.exe are the following:
 C:\Program Files\Microsoft SQL Server\100\Tools\Binn
 C:\Program Files\Microsoft SQL Server\110\Tools\Binn
You can get the full path by searching "sqlcmd.exe" in the installation directory of sqlcmd tool
such as C:\Program Files\Microsoft SQL Server directory.
2. If you deployed an SSL certificate in TMMS 8.0, you need to export the certificates from the TMMS 8
Communication Server.
To do this:
A. Log in to the Communication Server of version 8.0 and go to Certificate Configuration by
doing the following:
 Go to Server Manager > Roles > Web Server (IIS) > Internet Information Services (IIS)
Manager > Connections > Server Certificates.
5
B. Select the certificate of the TMMS 8 Communication Server, and then click View.
C. Click Certification Path tab; select the CA certificate (used by iOS devices) then click View
Certificate.
6
D. Go to Details tab then click Copy to File….
E. Export the certificate following the default settings of the Certificate Export Wizard.
7
8
F. Select the certificate of TMMS 8 Communication Server, and then click Export.
G. Type the detail information of the certificate then click OK.
The certificate will be exported successfully.
9
Step 2: Back up TMMS 8.0 SP1
1. Download and run the migration tool on the computer where you install the TMMS 8 Management
Server.
Example:
C:\migration\migration.exe
2. Once the migration tool is started, under the Backup current version section, select 8.0 on the Version
dropdown.
If the server has been correctly installed, it will show the installation path like the image below:
3. Set the backup path for the database:
A. Log on to the computer that the database server is installed.
B. Create a new folder in C:\ directory.
Example: C:\bakExample: C:\bak
Source
(MDM 8.0)
Database
(10.64.67.11)
Create Directory
C:\bak
This will be used as a backup path for the database file.
C. Input the backup path in the migration tool.
10
D. Click the Backup button.
After backup is finished, all the configuration files will be stored in C:\migration\bak directory.
Source
(MDM 8.0)
MDM
(10.64.40.32)
C:\migration\bak
Migration Tool
(Path: C:\migration\migration.exe)
11
Note: C:\migration directory is the folder of migration tool. The folder ..\bak will be generated
automatically in the same path of migration.exe file.
The database backup file will be stored in the path you specified in Step 3.
Database
(10.64.67.11)
Source
(MDM 8.0)
C:\bak\joray_8_8.0_2013-6-6-11-3-3.bak
MDM
(10.64.40.32)
Migration tool
Important: Do not change the name of database backup file.
Step 3: Copy the Backup Files
You need to copy the backup files from TMMS 8.0 to the computer where you want to install TMMS 9.0
manually.
Database backup file
 If you want to use the same SQL server for TMMS 9.0, do not copy the database file.
 If you want to use a different SQL server for TMMS 9.0, you need to manually copy the backup file to
the computer where the SQL server for TMMS 9.0 is installed.
Source
(MDM 8.0)
Destination
(MDM 9.0)
Database
(10.64.67.11)
Database
(10.64.66.14)
C:\bak\joray_8_8.0_2013-6-6-11-3-3.bak
C:\bak\joray_8_8.0_2013-6-6-11-3-3.bak
Copy
Picture 3. 1
12
Configuration backup files
You need to copy the migration tool package to the computer where Management Server of TMMS 9.0 is
installed.
 If you use the same computer to install TMMS 9.0, do not copy the configuration file. Use the default
settings provided by the migration tool.
 If you use a different computer to install version 9.0, you need to copy the configuration backup files
to the computer that version 9.0 is installed. The configuration files are saved in
C:\migration\bak.
Source
(MDM 8.0)
Destination
(MDM 9.0)
MDM
(10.64.40.32)
MDM
(10.64.40.50)
Migration Tool
(Path: C:\migration\)
Migration Tool
(Path: C:\migration\)
Migration.exe
Migration.exe
bak
bak
Copy
Step 4: Restore In TMMS 9.0
1. Preparation:
A. Install the Management Server.
Refer to the Installation and Deployment Guide for the detail installation.
13
Note:

B.
C.
If you want to install version 9.0 on the same computer that version 8.0 is installed, uninstall
version 8.0 and OfficeScan before installing version 9.0.
 If you use the same SQL server, you need to create a new database name during the
installation. Do not connect the database that you used for version 8.0.
 If you have installed the Management Server and it was used for a long time, create a new
database through web console before doing the migration.
Install Blackberry tool.
Note: If you do not use the Blackberry tool, you can skip this step.
Blackberry tool should be installed to the machine of Management Server 9.0 before migration.
Make sure the installation path is the same with the installation path of Blackberry tool on
Management Server 8.0.
Install Communication Server.
TMMS 9.0 support the following Communication Server:
1) Local Communication Server
If you use Local Communication Server, you need to install the Local Communication Server on
the computer that has same server address and port with TMMS 8.0 Communication Server.
Note: If you install Local Communication Server on the same computer that you install TMMS
8.0 Communication Server, you need to uninstall the TMMS 8.0 Communication Server first.
Important: If the Local Communication Server uses the different server IP address and port
number, you cannot manage all the registered mobile devices.
To manage existing devices enrolled into TMMS 8.0, the Local Communication Server address
and port number of TMMS 9.0 should match the TMMS 8.0 Communication Server IP address
and port number. Otherwise, managed devices will not be recognized by the Local
Communication Server of TMMS 9.0.
Import the SSL certificate that you exported to the Server Certificate screen when you install
Local Communication Server. Refer to Import SSL Certificates below for detailed instructions.
Import SSL Certificates
For Local Communication Server, you need to import the certificates exported from
Communication Server version 8.0 (refer to Step 2, under the Preparation Section).

Public and Private SSL Certificate
If you are using a Public/Private SSL Certificate in version 8.0, you need to import the
SSL certificate during the installation of Local Communication Server.
Refer to "Chapter 3: Installing and Removing Server Components" in the Installation
and Deployment Guide (IDG) of TMMS version 9.0. More information can be found on
"Installing the Local Communication Server" of IDG.
14
Destination
(MDM 9.0)
MDM
(10.64.40.50)
CertConfigTool.exe
\Trend Micro\Communication Server
After installing Local Communication Server, You can find CertConfigTool file in local
communication server install path.
e.g. C:\Program Files (x86)\Trend Micro\Communication Server.
Run CertConfigTool to import the CA certificate exported in the Preparation section of
this article. To do this:
After you import the certificate successfully, restart the Local Communication Service.
15
2)
Cloud Communication Server
If you want to use Cloud Communication Server, you need to re-enroll all the registered mobile
devices. Currently there is no support for migration to Cloud Communication Server.
2. Run the migration tool to restore the backup file:
A. Run the migration tool on the computer where you installed the TMMS 9.0 Management Server.
B. Under the Migrate data to destination section, Select 9.0 on the Version dropdown. If the server has
been correctly installed, it will show the installation path below:
3. Database restore
 If you use the same SQL server, you can input the path where you save the backup file.
 If you use a different SQL server, you need to copy the database backup file into the computer where
the target SQL server is installed.
Then input the path where you save the database file.
Note: Make sure you are connected to the new SQL server during the version 9.0 installation.
16
4. Restore
Click the Restore button. During the process, a database backup file of TMMS 9.0 Management
Server will be generated in the database server for exception and rollback.
Destination
(MDM 9.0)
Database
(10.64.66.14)
joray_8_8.0_2013-6-6-11-3-3.bak
joray_test_9.0_2013-6-6-12-29-54.bak
C:\bak
A dialog window will pop up after migration. It will display the migration result.
 If the information is success, you can move on to the next step.
 If you see failed information, check the Logs in the migration tool directory to get detailed
information of the failure and then try again.
5. After Migration
EULA
You need to upload the customized EULA manually after you finished the migration.
Device Agents
All device agents will receive an update/upgrade notification and the need to update.
17