Hi Martin!
MrSoapsud: I've been removing the pointfix before attempting the upgrade - do I need to?
IP: There is no need to manually uninstall previously installed Point Fix or cumulative point fix if you are going to upgrade own ITMS to higher version.
MrSoapsud: I've been upgrading the WADK before attempting the upgrade - do I need to?
IP: No need to update WADK before ITMS upgrade, better to update it after ITMS upgrade and then create/re-create new WinPE
MrSoapsud: I have to update MSADO and add an IIS component in the pre-reqs for the upgrade - expected?
IP: Yes, this is required by Install Readiness Check section so this should be done before ITMS upgrade starting.
MrSoapsud: Last row of the DB Schema: 8 8.5.4249.0 0 2019-06-18 11:17:34.430.
IP: Well, this is OK then that DBSchema version is 8.5.4249.0 (exactly 8.5 RU2) because sometimes user can forget to restore DB to previous version while his ITMS is higher version in this case SIM will show similar error messages in UI "The selected Product Listing file does not contain installed products definitions. Symantec Installation Manager functionality is limited."
MrSoapsud: With the firewall I'm just trying to prevent clients getting ahead in case I need to roll back the upgrade (assuming I ever actually do it successfully)! I also have the package servers down.
IP: I would avoid such method with firewall usage, because as previously mentioned, when agents aren't in block-out period, they still will try to check available tasks via CTA, get policies, send basic inventory, and all these events amount on each client will grow and grow so suddenly when firewall will be disabled, large amount of nse will come from all agents immediately to NS.
MrSoapsud: Should I just stop all the agents from upgrading?
IP: After ITMS upgrade, all SMA, Site Server and other solution agents upgrade rollout policies are disabled by default, therefore agent will not be automatically upgraded to a newer version until user will enable required Agent upgrade rollout policies.
MrSoapsud: With the agent blockouts, do I need to specify 24 hours for several days to buy me time?
IP: Sure, you can choose on which exact days and what time agents should have block-out period enabled
Some information from documentation about blockout period
Blockout periods
|
Lets you specify the blockout periods that you want to use. You can specify any number of blockout periods.
If a blockout prevents a software delivery package download, the package download starts immediately when the blockout expires, according to the download options you selected:
-
Download
The package server and Symantec Management Agent do not download any software delivery packages. However, the Symantec Management Agent still sends events and gets Symantec Management Agent Settings policy requests from Notification Server. Events and Symantec Management Agent Settings policy requests are typically small amounts of information and have minimal effect on the network traffic. However, packages can be large and can affect the network load. This setting can help minimize the effect of package servers and Symantec Management Agents on the network during business hours.
-
Total
There is no communication between the package server or Symantec Management Agent and Notification Server during the specified time period. All events from the Symantec Management Agent are queued (on the Agent) and are sent after the blockout.
|
Best regards,
IP.