This Knowledgebase article provides information about how to upgrade Neverfail servers in a secure domain and enforce policies on domain servers.
The usual procedure for performing upgrades requires a Management IP, but passive servers in secure domains are not configured with Management IPs. To work around this requirement, perform the following procedure before performing the upgrade on secure domains.
|WARNING !||You should try other methods first and use this procedure only as a "last resort."|
- In Active Directory Users and Computers Microsoft Management Console, move the Heartbeat Server into an Active Directory Organizational Unit container that does not enforce the Secure policy. Create the container if one does not exist.
- Temporarily configure DisablePasswordChange on the passive server from 0 to 1.
- Perform the following command: gpupdate.exe /force .
- Perform the appropriate upgrade procedure described in Knowledgebase Article #1797 — How to Upgrade a Protected Application with Neverfail Heartbeat Installed .
- In Active Directory Users and Computers Microsoft Management Console, move the Heartbeat Server into the original Active Directory Organizational Unit.
- Reset DisablePasswordChange from 1 to 0 on the passive server.
- Perform the gpupdate.exe /force command again.
Neverfail Heartbeat version 5.5 and more recent.
This Knowledgebase article supplements Knowledgebase Article #1797 — How to Upgrade a Protected Application with Neverfail Heartbeat Installed .