Data Loss Prevention (DLP) - Migration Rollback Automation Script

Hello,

In this guide I've written a basic script which will allow a basic rollback of DLP following issues migrating from 14.6 to 15.1, it should be noted that this article is only relevant if the installation of 15.1 has been completed and you're facing issues with the migrator.exe or post upgrade issues.

The script itself is a simple powershell script which reverses certain actions taken by the migrator.exe during the upgrade process. In summary when you run the migrator tool as part of its process it stops and disables the old Vontu services whilst starting the new SymantecDLP services. 

Old Services following migrator tool execution:

New Services following migrator tool execution:

(Few missed on screengrab but purely for illustration purposes)

Now the script I created will reverse these settings allowing you to revert back to 14.6 should you require it.

The script itself has basic functions:

1. Stop the new services

2. Change the start up type of the old services back to automatic

3. Start old services.

Now I've had to be quite careful with how these services are started and stopped as they need to be stopped in a certain order but also started in a certain order to avoid issues, see: 

https://support.symantec.com/en_US/article.TECH220...

So the way the script works is in invervals forced by a ping request for 10000ms (10 seconds) I've inserted these to insert delays between actions ensuring that the tasks do not overlap and stop/start in the incorrect order.

See script below:

Net stop SymantecDLPDetectionServerController
ping 192.0.2.2 -n 1 -w 10000
Net stop SymantecDLPIncidentPersister
ping 192.0.2.2 -n 1 -w 10000
Net stop SymantecDLPManager
ping 192.0.2.2 -n 1 -w 10000
Net stop SymantecDLPNotifier
ping 192.0.2.2 -n 1 -w 20000
Set-Service VontuNotifier -StartupType Automatic
Net start VontuNotifier
ping 192.0.2.2 -n 1 -w 10000
Set-Service VontuManager -StartupType Automatic
Net start VontuManager
ping 192.0.2.2 -n 1 -w 10000
Set-Service VontuIncidentPersister -StartupType Automatic
Net start VontuIncidentPersister
ping 192.0.2.2 -n 1 -w 10000
Set-Service VontuUpdate -StartupType Automatic
Net start VontuUpdate
ping 192.0.2.2 -n 1 -w 10000
exit

(The IP address may want to be changed, the purpose here is to ping an address you know does not exist so it will wait 10 seconds for a reply that will never occur)

As you can see by the above the process is quite simplistic but very handy opposed to starting/stopping and changing startup types manually,

I hope this proves to be useful,