Process to Migrate the ERAS Database when the Master Key Password is Unknown:(if the master key password is known, see alternate process below):

1.     STOP ERAS

a.     Stop IIS on all ERAS servers so that no changes can be made during the migration process

2.     Regenerate the Master Key password on the existing SQL server using the following process.

a.     Open "New Query" against the original ERAS DB, enter the following script and execute:
USE ERAS
GO
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD =
'PasswordToRemember'

b.    *Note - 'PasswordToRemember' is replaced by new Database Master Key Password.  Single quotes must be used around the password. 

c.     'Command completed successfully' will appear in Results

3.     After regenerating the DB Master Key, perform a new backup of the ERAS DB

4.     Create a SQL login for the ERAS service account on the new SQL instance

a.     Open SQL management studio and connect to the new instance

b.    In the left pane expand Security

c.     Right click on Logins and select New Login…

d.    Next to the Login Name field click the Search button

e.    Select the existing ERAS service account from active directory

f.      If the SQL instance’s default language is anything other than “English” you must select English as the default language for this account

g.    Click OK to create the new login

5.     Restore the backup from step 3 to the new SQL server instance

6.     After performing the restore, open "New Query" against the restored DB, enter the following script and execute:

USE [ERAS]
go
OPEN MASTER KEY DECRYPTION BY PASSWORD =
'PasswordToRemember'
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD =
'PasswordToRemember'
OPEN SYMMETRIC KEY Host_Key_01
DECRYPTION BY CERTIFICATE ProfileCert01;

*Note - 'PasswordToRemember' needs to be filled in with the newly created Master Key password from step 2 above.

7.     'Command completed successfully' will appear in Results

8.     Ensure that the ErasService user on the ERAS database is correctly mapped to the newly created login

a.     Expand Databases > ERAS > Security > Users and check to see if there is a user named “ErasService”

b.    For proper operation this SQL user account must be named exactly as ErasService even if the service account name is something different in AD

c.     If the name of this user has changed to something else, right click on it, select rename and type ErasService

d.    Double click on ErasService (or right click and select properties)

e.    Under Login name make sure that the login created in step 4 is shown (this is how the ErasService user gets mapped to the actual service account in active directory)

9.     Edit the database connection string on the ERAS server to point to the new database:

a.     On the ERAS Server, navigate to:

:Program Files\Wave Systems\EMBASSY Remote Administration Server\Server\Web.config
and
:Program Files\Wave Systems\EMBASSY Remote Administration Server\WCFService\web.config

b.    Save a copy of the config file. Then open the file in Notepad and search for 'connectionstring'
connectionString="Database=ERAS;Server=SQL_Server_Instance_Name;Integrated Security=SSPI; providerName="System.Data.SqlClient"/>

c.     Change the connection string to the SQL Server instance where the database was restored.

MUST EDIT THIS IN BOTH web.config files. If using ERAS 1.7 or below the WCFService folder will not exist so there is only one file to be edited

10.   Restart IIS on all ERAS servers to bring them back online

11.   Open ERAS and verify that client management is successful.

 

Process to Migrate the ERAS Database when the Master Key Password is Known:

1.     STOP ERAS

a.     Stop IIS on all ERAS servers so that no changes can be made during the migration process

2.     Back up the ERAS database (critical to ensure that the most up to date backup is available).

3.     Create a SQL login for the ERAS service account on the new SQL instance

a.     Open SQL management studio and connect to the new instance

b.    In the left pane expand Security

c.     Right click on Logins and select New Login…

d.    Next to the Login Name field click the Search button

e.    Select the existing ERAS service account from active directory

f.      If the SQL instance’s default language is anything other than “English” you must select English as the default language for this account

g.    Click OK to create the new login

4.     Restore the ERAS database backup onto the new SQL server.

5.     Open "New Query" in SQL against the restored database, enter the following script and execute:

USE [ERAS]
go
OPEN MASTER KEY DECRYPTION BY PASSWORD =
'PasswordToRemember'
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD =
'PasswordToRemember'
OPEN SYMMETRIC KEY Host_Key_01
DECRYPTION BY CERTIFICATE ProfileCert01;

**NOTE: ‘PasswordToRemember’ is replaced by the Database Master Key Password.  Single quotes must be used around the password.

6.     'Command completed successfully' will appear in Results.

7.     Ensure that the ErasService user on the ERAS database is correctly mapped to the newly created login

a.     Expand Databases > ERAS > Security > Users and check to see if there is a user named “ErasService”

b.    For proper operation this SQL user account must be named exactly as ErasService even if the service account name is something different in AD

c.     If the name of this user has changed to something else, right click on it, select rename and type ErasService

d.    Double click on ErasService (or right click and select properties)

e.    Under Login name make sure that the login created in step 3 is shown (this is how the ErasService user gets mapped to the actual service account in active directory)

8.     Edit the database connection string on the server to point to the new database:

a.     On the ERAS Server, navigate to:

:Program Files\Wave Systems\EMBASSY Remote Administration Server\Server\Web.config
and
:Program Files\Wave Systems\EMBASSY Remote Administration Server\WCFService\web.config

b.    Save a copy of the config file.  Then open the file in Notepad and search for 'connectionstring'
connectionString="Database=ERAS;Server=SQL_Server_Instance_Name;Integrated Security=SSPI; providerName="System.Data.SqlClient"/>

c.     Change the connection string to the SQL Server instance where the database was restored.

MUST EDIT THIS IN BOTH web.config files. If using ERAS 1.7 or below the WCFService folder will not exist so there is only one file to be edited

10.   Open ERAS and verify that client management is successful.