Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
kb1
Collaborator
Jump to solution

Promoting secondary server to primary issues

Hello Everyone,

Im trying to promote my secondary management server running R80.20 to primary as i want to sync another newly installed management server, im trying to follow this sk here 114933 but for the first solution when i execute 

$FWDIR/bin/promote_util
-bash:  /opt/CPsuite-R80.20/fw1/bin/promote_util: No such file or directory

 

It shows no such file or directory, now do i create that myself or whats me next step because the second solution as stated below is very difficult to follow -

 

This one utility does the same as following manual procedure outlined below: 

 

On the Secondary Security Management Server perform following procedure:

 

  1. Stop all running Check Point services by running the cpstop command. 
  2. Backup the $FWDIR/conf/objects_5_0.C file. 
  3. Edit the objects_5_0.C file as follows:

 

  1. Edit the former Primary Server Object definitions by searching for Primary Server Object name:

    Example of the beginning of an object that is called PRIMARY-CP-MGMT    : (PRIMARY-CP-MGMT  

    under section :AdminInfo change

    From
    :Deleteable (false)
    To
    :Deleteable (true)

    in the same object search for :primary_management and change

    From
    :primary_management (true)
    To 
    :primary_management (false) 

 

  1. Edit the old Secondary Object definitions by searching for the secondary management server object name:

     under section :AdminInfo change

From

:Deleteable (true)

To

:Deleteable (false) 

  From

:primary_management (false)

To

:primary_management (true)

 

There are more steps which i havent copied here but it seems too difficult to follow as i am able to get to the objects_5_0.C file and search for : (PRIMARY-CP-MGMT  nothing shows up, i search for "PRIMARY" keyword as well and nothing shows up, and there seems to be hundreds of sections that have ":AdminInfo" keyword in them so no idea which exact part i have to edit so please need help here, just want to be able to sync the newly setup management server successfully.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
You're trying to follow the steps for versions prior to R80 on R80.20.
As noted in the SK, refer to the following documentation for the correct procedure: https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_SecurityManagement_AdminGuid...

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
You're trying to follow the steps for versions prior to R80 on R80.20.
As noted in the SK, refer to the following documentation for the correct procedure: https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_SecurityManagement_AdminGuid...
0 Kudos
kb1
Collaborator

Looks like the command is working now thanks.

0 Kudos
JozkoMrkvicka
Mentor
Mentor

try to find correct path of "promote_util" file by running following command:

find / -name "promote_util"

Kind regards,
Jozko Mrkvicka
0 Kudos
kb1
Collaborator
hi thanks its working now.
0 Kudos