Restoring Secret Server from a Backup

To restore your Secret Server from a backup:

Restoring the Application

  1. Extract your backup zip file of the Secret Server application directory, or copy the files from your other backup location to the physical file path that your virtual directory is pointing to.

  2. If you have configured encryption of your encryption.config using EFS or DPAPI, you will need to replace the file from the backup with the unencrypted one.

  3. Check that FIPS mode is not enabled on the server to avoid an error during the process.

Restoring the SQL Server Database

Choose one of the following scenarios:

Scenario One: Database and Secret Server Are in the Same Location

  1. Open SQL Server Management Studio and connect.

  2. Right click Databases and click the Restore Database button.

  3. In the To database text box, type the database name or select it from the drop down list.

  4. Click to select the Device radio button.

  5. Browse to your database backup file.

  6. In the Restore Database window Options section, ensure the Force Restore over Existing Database check box is checked.

  7. Click the Ok button.

  8. If you get an error saying that Management Studio was unable to get exclusive access to the database:

    1. Right click on the Secret Server database and go to Properties.
    2. At the very bottom, change the Restrict Access property to "SINGLE_USER". This closes all other connections to the Secret Server database.
    3. Re-attempt the restore.

  9. Disable Force SSL if there is no certificate installed on the server you are restoring to.

  10. In SQL Server Management Studio, expand the databases and select the database for Secret Server.

  11. Select New Query at on the menu bar to open a query pane.

  12. Copy the following command: UPDATE [dbo].[tbConfiguration] SET ForceHttps = 0 into the query pane

  13. Click Execute on the menu bar.

  14. After the query executes successfully, restart Internet Information Server (IIS) by running iisreset from the command line.

    If you are prompted for database credentials when accessing Secret Server and are unable to re-connect, you may need to remap the user.

  15. Expand the Security > Users folder under the Secret Server database.

  16. Remove the user that Secret Server will use to access the database.

  17. Expand the Security > Logins folder under the SQL Server root.

  18. Right click on the log on corresponding to Secret Server and select User Mappings.

  19. Re-map the log on to the Secret Server database.

  20. If necessary, activate your licenses by going to the Licenses page.

Scenario Two: The Database and Secret Server Are in Different Locations

  1. Delete the database.config file from the Secret Server folder.

  2. Restart Internet Information Server (IIS) by running iisreset from the command line.

  3. Use your Web browser to navigate to the new instance of Secret Server. This redirects you to the Web installer because the database.config file is missing and it thinks you have not installed yet.

  4. Open SQL Server Management Studio and connect.

  5. Right click Databases and click the Restore Database button.

  6. In the To database text box, type the database name.

  7. Click to select the Device radio button.

  8. Browse to your database backup file.

  9. In the Restore Database window options make sure the Force Restore over Existing Database Check box is checked.

  10. Click Ok.

  11. If you get an error saying that Management Studio was unable to get exclusive access to the database:

    1. Right click on the Secret Server database and go to Properties.

    2. At the very bottom, change the Restrict Access property to "SINGLE_USER". This closes all other connections to the Secret Server database.

    3. Re-attempt the restore.

  12. Disable Force SSL if there is no certificate installed on the server you are restoring to.

  13. Copy the following command: UPDATE [dbo].[tbConfiguration] SET ForceHttps = 0 into the query pane

  14. Click Execute on the menu bar.

  15. Navigate through the Web installer to Step 3.

  16. Type the new database credentials (new server location, username, and password).

  17. If you are unable to re-connect you may need to remap the user.

    If you are prompted for database credentials when accessing Secret Server and are unable to re-connect, you may need to remap the user.

  18. Expand the Security > Users folder under the Secret Server database.

  19. Remove the user that Secret Server will use to access the database.

  20. Expand the Security > Logins folder under the SQL Server root.

  21. Right click on the log on corresponding to Secret Server and select User Mappings.

  22. Re-map the log on to the Secret Server database.

  23. Once past Step 3, you are finished. Go to the home.aspx page (click the Secret Server logo). There is no need to go any further with the install because the database.config has been recreated with the new information.

  24. If necessary, activate your licenses by going to the Licenses page.