Running Agent Mover

  1. On the OfficeScan server, go to <Server installation folder>\PCCSRV\Admin\Utility\IpXfer.
  2. Copy IpXfer.exe to the OfficeScan agent endpoint. If the OfficeScan agent endpoint runs an x64 type platform, copy IpXfer_x64.exe instead.
  3. On the OfficeScan agent endpoint, open a command prompt and then go to the folder where you copied the executable file.
  4. Run Agent Mover using the following syntax: <executable file name> -s <server name> -p <server listening port> -c <agent listening port> -d <domain or domain hierarchy> -e <Certificate location and file name> -pwd <agent unload and unlock privilege password>
    Table 1. Agent Mover Parameters

    Parameter

    Explanation

    <executable file name>

    IpXfer.exe or IpXfer_x64.exe

    -s <server name>

    The name of the destination OfficeScan server (the server to which the OfficeScan agent will transfer)

    -p <server listening port>

    The listening port (or trusted port) of the destination OfficeScan server (for local servers only)

    To view the listening port on the OfficeScan web console, click Administration > Settings > Agent Connection in the main menu.

    -sp <server HTTPS listening port>

    The listening port (or trusted port) of the destination OfficeScan server for HTTPS communication

    -c <agent listening port>

    The port number used by the OfficeScan agent endpoint to communicate with the server

    -d <domain or domain hierarchy>

    The agent tree domain or subdomain to which the agent will be grouped

    The domain hierarchy should indicate the subdomain.

    -e <Certificate location and file name>

    Imports a new authentication certificate for the OfficeScan agent during the move process

    If this parameter is not used, the OfficeScan agent automatically retrieves the current authentication certificate from its new managing server.

    Note:

    The default certificate location on the OfficeScan server is:

    <Server installation folder>\PCCSRV\Pccnt\Common\OfcNTCer.dat.

    When using a certificate from a source other than OfficeScan, ensure that the certificate is in Distinguished Encoding Rules (DER) format.

    -pwd <agent unload and unlock privilege password>

    The unload and unlock privilege password configured in Privileges and Other Settings

    Note:

    If the unload and unlock password is required and you do not provide the password, Agent Mover prompts you before attempting to move agents.

    -dbg

    Enables connection debug logging

    Examples:

    • For OfficeScan servers using HTTP communication:

      ipXfer.exe -s Server01 -p 8080 -c 21112 -d Workgroup -pwd unlock

      ipXfer_x64.exe -s Server02 -p 8080 -c 21112 -d Workgroup\Group01 -pwd unlock

    • For OfficeScan servers using HTTPS communication:

      ipXfer.exe -s Server01 -sp 443 -p 8080 -c 21112 -d Workgroup -pwd unlock -dbg 1

  5. To confirm the OfficeScan agent now reports to the other server, do the following:
    1. On the OfficeScan agent endpoint, right-click the OfficeScan agent program icon in the system tray.
    2. Select Component Versions.
    3. Check the OfficeScan server that the OfficeScan agent reports to in the Server name/port field.
      Note:

      If the OfficeScan agent does not appear in the agent tree of the new OfficeScan server managing it, restart the new server's Master Service (ofservice.exe).