i had a need to migrate a management server from R77.30 to MDS R80.10 which has several policy package one for each FW. i was asked to migrate each policy package into a different DMS on the MDS server.

because the FWs are new and we will use different DMS the internal CA will need to be reinitialize.

also during this big topology change we had the chance to change the naming scheme.

the real need in the migration was to save the policy (FW,APP & IPS) and object.

i have followed this steps for doing it.

Update the Managment Server to the DMS parameters

1. export the original server from R77.30 using R77.30 migration tool
2. import the R77.30 to a temporary management server VM
3. take a snapshot of this VM
4. removing all the licenses from the management server object
5. change the object name of the management server
6. install database
7. change the OS hostname
8. cpstop
9. followed sk94871 for re-initializing the Internal CA to match the new DMS name, and to get rid of the security issue that multiple DMS will hold the same InternalCA keys
10. reboot the machine
11. change the IP of the object to match the new DMS IP
12. change the the IP of the OS
13. reboot
14. login with smart dashboard to check everything is fine
15. migrate export with Pre R80 upgrade tools of R80.10
16. revert to step 3 and run the process for all other packages

Import the exported package to a new DMS

1. create a new domain without starting it: mgmt_cli add domain name <domain name> servers.ip-address <dms ip> servers.name <dms name> servers.multi-domain-server <mds server name> servers.skip-start-domain-server true
2. get the path of the new DMS
   1. mdsenv <ip of new DMS>
   2. echo $FWDIR
   3. mdsenv
3. import the exported package
   1. cma_migrate <package full path> <DMS path from previous step>
4. start the new DMS: mdsstart_customer <ip of new dms>
5. verify the new DMS is up: mdsstat
6. login to the new DMS
7. delete the irrelevant policy layers from the new DMS