I'm attempting to migrate an R80.20 MDS to a new R81.10 MDS. The export from the R80.20 is successful but the import always fails on the 9th domain with the same error.
Failed to create Primary Management's certificate
NOTE: The creation of the certificate failed
DN = domain , GetCAState = -1
.
.
.
Failed to retrieve FQDN
Error creating CA for cce02hpe-sites-emea (16.232.74.15)
Error was detected. Removing Domain Management Server domain.
I have the latest patch, upgrade tools and deployment agent on both Checkpoint appliances.
How do I correct this error? Is this a problem on the source destination domain?
Thanks
John Carnicle
What process did you follow for the export/import?
Export from R80.20
cd $MDS_FWDIR/scripts
./migrate_server export -v R81.10 -skip_upgrade_tools_check /var/log/install/export/MDS01-export.tgz --exclude-licenses
Import to the R81.10 MDS
cd $MDS_FWDIR/scripts
./migrate_server import -v R81.10 -skip_upgrade_tools_check /var/log/install/export/MDS01-export.tgz --exclude-licenses
I have followed the sk172645 that seemed to apply. The file was not empty.
It successfully imports 8 of the CMAs then gets this error and stops. I also have to change the MDS IP as it is in another datacenter.
Thanks for your help.
I suspect the TAC will need to be engaged to understand what's going on.
Or you might try exporting/importing the various domains one at a time versus trying to do it at the MDS level.
I have had a TAC case opened for several weeks and tried their recommendations but they have not solved this problem. I looked into exporting the global then the domains as the next step but that is not supported between R80 and R81. How crazy is that!? Checkpoint's next recommendation is to downgrade the destination and try these solutions. I was trying not to downgrade but I'm running out of things to try. I have used your suggestions and/or solutions over the years. Thanks for all your help.
If I'm reading this correctly, you couldn't even migrate a domain from, say, R80.20 to R80.40.
Specifically the limitation "Migrating a Domain is possible only when the source and the destination have the same version installed"
Which, I will admit, was not something I was aware of when I made this suggestion.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Send me the TAC case in a PM.
That is the way I understand it. It only supports the exact version domain migration. I sent the TAC case. Thanks
I have another question. The import error says "failed to create CA" and "failed to retrieve FQDN" on the import of that domain. Is this because it is missing FQDN on the source domain? Is there a way to check if one exists? I see we can use "cp_conf ca FQDN" to create one on the domain. Will it cause problems on the source domain if I create one? Thanks
This error comes up in the context of MDS upgrades of specific CMAs.
One thing I saw in a TAC case that might help.
As I don't have MDS installed anywhere, I can't provide more details.
The ICA is recreated upon upgrade, so the old case suggested to do this:
go to /opt/CPmds-R80.20/scripts/mdsadd_customer and comment out the last function which removes the CMA - this will make sure the CMA is imported as well.
Hopefully that provides a clue that might work in the meantime
Thanks. I'll go check on the MDS for that script and see if it helps.
I see that script on the source at /opt/CPmds-R80.20/scripts/mdsadd_customer and on the destination at /opt/CPmds-R81.10/scripts/mdsadd_customer. It seems the one I should modify is the one in the destination server. Correct?
I think it's only on the destination but, like I said, not sure.
I was trying to track down where this recommendation came from and...I couldn't find it.
FYI: I commented out 2 lines from the destination MDS /opt/CPmds-R81.10/scripts/mdsadd_customer subroutine exit_with_remove. The first was the remove cma line and the second was the exit script line. This allowed the install to continue. All the CMAs that do not have a problem were imported successfully. The CMAs that have a problem were imported but the services do not start.
#JCC $ENV LD_LIBRARY_PATH=${CPDIR}/lib:${FWDIR}/lib:${LD_LIBRARY_PATH} $MDSDIR/scripts/mdsremove_customer $cmaname $echocmd -brute
# exiting with the specified exit code
#JCC exit $exit_code
Thanks for your help.
Clearly this doesn't solve the problem for the CMAs that had issues, but at least it gets the rest of the CMAs up to the most recent release.
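With the removal step commented out, the import no longer stops at the first failing Domain, so the failed CMAs have to be picked out of the import output afterwards. The script below is an added example, not code from any poster or from Check Point: it assumes the messages look exactly like the error text quoted at the top of this thread, and the second Domain (`example-domain-b`, `192.0.2.20`) is constructed sample data.

```shell
#!/usr/bin/env bash
# Summarise Domains whose CA creation failed during an MDS import.
# Message formats are assumed from the error text quoted in this thread;
# other message variants are not handled.

failed_domains() {
    # Reads import output from stdin or from file arguments.
    # Prints: domain<TAB>ip<TAB>reasons seen since the previous failure.
    awk '
        /^Failed to / || /creation of the certificate failed/ {
            line = $0
            sub(/^NOTE: /, "", line)
            reasons = (reasons == "" ? line : reasons "; " line)
            next
        }
        /^Error creating CA for / {
            name = $5                 # fifth word is the Domain name
            ip = $6                   # sixth word is "(a.b.c.d)"
            gsub(/[()]/, "", ip)
            printf "%s\t%s\t%s\n", name, ip, reasons
            reasons = ""              # start fresh for the next Domain
        }
    ' "$@"
}

sample_log() {
    # First block is the error from the thread; the second is constructed.
    cat <<'EOF'
Failed to create Primary Management's certificate
NOTE: The creation of the certificate failed
DN = domain , GetCAState = -1
Failed to retrieve FQDN
Error creating CA for cce02hpe-sites-emea (16.232.74.15)
Error was detected. Removing Domain Management Server domain.
Failed to retrieve FQDN
Error creating CA for example-domain-b (192.0.2.20)
EOF
}

# Demo run on the embedded sample; pass a saved import log as an
# argument to failed_domains to use real output instead.
sample_log | failed_domains
```
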