Starting this thread to help out anyone who is looking at a ConnApp to ArcMC migration experience. Overall I found that if you paid attention o the documentation you'll find that the overall process is not difficult, and can be done relatively easily
Environment Background:
- Almost 100 CA deployed of various gens/sizes
- All remotely managed from a single CA
Issue 1:
- After migration there is no "node management" or "configuration management" tabs available only administration. Reason being was admin user was not set in the ArcMC permissions group, in fact, there was not ArcMC permissions group created, so I had to make it myself.
Issue 2:
- If the ConnApp you have migrated was used to manage other CA's, The ArcMC agent doesn't get installed automatically.
- To fix this you have use the host export/import feature, to bulk re-add all your managed hosts. Doing this one by one is extremely time consuming
Issue 3:
- Most likely a by-product of Issue 2, but all the previously imported hosts report as software connectors, no matter what they were previously ie C3500, C5500 etc
- This also shows because your managed devices won't be separated into the appropriate tabs ie "connector appliance", "ArcMC" etc
Issue 4:
- The import host processes almost always fails, but does add a majority of the hosts. So you will need to double check the import log vs whats is shown
- Also almost every single time I have seen the import hosts miss the last host in your import list
Issue 5:
- This has been a huge pain, but when using the import host feature, the host is added, but the containers belonging to that host are NOT imported
- To fix you need to manually check every hosts, and if there are no containers present you will have to scan host to get the containers imported
Issue 6:
- The documentation on the import host procedure for making the csv is very unclear, but you need a special header line for the import to work
- The following line in quotes needs to be the first line of your csv "location,hostname,type,host username,host password,connector username,connector password,port/port range"
Issue 7:
- This is still relatively unclear to me, but though the ArcMC will still work with a ConnApp license, it has been recommend that you also migrate the license to an ArcMC license
- Support knows little about this, but the Licensing team can do this for you, you will need to provide SAID, list of migrated appliances and their serial numbers for them to migrate the license from a CA license to an ArcMC license
Issue 8:
- When scanning hosts to add containers, I have had a couple times where the container would not be associated with the correct port. For example Container 5 was associated with Port 9008
- The fix for this was to go directly to the managed host > send container command > regenerate remote mgmt key par > let it restart > click container to re-download the new keys. After that go back to your managing ArcMC, delete the host and re-add it. This solved the problem for me
- UPDATE: The above fix worked well when my managed host was a ConnApp, but it broke all my containers when it was an ArcMC. I was unable to re-download the new keys after I went through the steps. I have had to do an emergency restore to get this working again.
UPDATE 1:
Issue 9:
When taking a config backup of your old ConnApp make sure its less than 400mb, if its slightly larger there is a work around to allow a larger upload limit by going to <ArcSight_Home>/config/logger/logger.defaults.properties and edit the connectorappliance.restore.max.megabytes= 400 property. The biggest causes of a large config backup size is going to be cache in your connectors, so try and make sure your connectors don't have any caches in them or else your back up can be several gb in size.
This is all I have for now, I will update this thread if I see anything new. I hope this helps anyone else looking to doing a CA to ArcMC migration in the future.
