Archive for the ‘Datawarehouse’ Category

How to move the FEP Databases and the CM Site Database

by Jeramy Skidmore

You can move the Configuration Manager site database and associated Forefront Endpoint Protection (FEP) databases after setup has completed to a different SQL Server computer system by:

  1. Backing up the FEP data warehouse (FEPDW_<sitecode>)
  2. Backing up the Configuration Manager Site Database (SMS_<sitecode>)
  3. Uninstalling the FEP reporting component
  4. Restoring the site database and FEP data warehouse to their new locations
  5. Relocating the site database via Configuration Manager setup
  6. And then reinstalling the FEP Reporting component

Detailed steps follow.


Configuration Manager 2007 does support moving the site database from a remote SQL Server to the local site server computer if the site server computer is running a supported version of Microsoft SQL Server. For a list of supported SQL Server versions, see Configuration Manager Supported Configurations.


FEP hosts two databases, the FEP database (FEPDB_sitecode) and the FEP data warehouse (FEPDW_sitecode). The FEP database serves as a proxy database for extracting data from the Configuration Manager site database. It does not need to be backed up or moved, and will be recreated when the FEP Reporting component is reinstalled.

To move the databases

Important: You will require access to the FEP 2010 installation media in order to successfully complete these steps.

  1. Back up the site database on the current site database server and restore it on the new site database server computer using the SQL Server Management Studio. For more information, see How to Move the Site Database.
  2. Back up the FEP data warehouse (FEPDW_sitecode) on the current FEP Reporting SQL Server and restore it to the new Reporting SQL Server. (If you have a remote reporting database and are not moving the FEP reporting database, you can skip this step.)


    Ensure that the database access permissions are the same on the new databases as they are on the original databases.

  3. On the site server, in Add/Remove programs, uninstall Microsoft Forefront Endpoint Protection 2010 Reporting.
  4. Ensure the primary site server computer account has administrative privileges over the new site database server computer.
  5. Close any open Configuration Manager console connections to the site server.
  6. On the primary site server computer, use the hierarchy maintenance tool (Preinst.exe) to stop all site services by using the following command: Preinst /stopsite.
  7. On the primary site server computer, click Start, click All Programs, click Microsoft System Center, click Configuration Manager 2007, and click ConfigMgr Setup, or navigate to the .\bin\i386 directory of the Configuration Manager 2007 installation media and double-click Setup.exe.
  8. Click Next on the Configuration Manager Setup Wizard Welcome page.
  9. Click Perform site maintenance or reset this site on the Configuration Manager Setup Wizard Setup Options page.
  10. Select Modify SQL Server configuration on the Configuration Manager Setup Wizard Site Maintenance page.
  11. Enter the appropriate SQL Server name and instance (if applicable) for the new site database server as well as the site database name on the Configuration Manager Setup Wizard SQL Server Configuration page.
    Configuration Manager Setup performs the SQL Server configuration process.
  12. Restart the primary site server computer, and verify the site is functioning normally.
  13. On the site server, run serversetup.exe from the FEP installation media.
  14. On the Installation Options step, choose Advanced Topology.
  15. On the Advanced Toplogy step, ensure that FEP 2010 Reporting and Alerts is selected.
  16. On the Reporting Configuration step, provide the proper computer, instance, and database name for your SQL implementation. Ensure the Reuse existing database check box is selected.
  17. Proceed through setup. This process will recreate the FEP database alongside the relocated site database, and recreate the SQL jobs necessary to move information from the site database into the FEP databases. The FEPDB will be repopulated according to the information stored in the site database.

FEP data collection job fails periodically

January 24th, 2011 Comments off

We wanted to update you about an issue with FEP that you may have seen in your organization. This is a known issue, and we’ll keep you up to date with developments.


Periodically, the FEP data collection job (FEP_GetNewData_FEPDW_xyz) fails. When the job fails, the FEP Health Management Pack for Operations Manager and the FEP BPA report an error with the FEP datawarehouse job either failing or not running. The failure is in one of the following job steps:

  • Step 6: End raise error section on DW, raise errors that were thrown from DW DB
  • Step 7: ssisFEP_GetErrorsDuringUpload_FEPDW_xyz


This happens because of the following scenario:

  1. The antimalware client is from time to time sending a malformed malware detection data item to the FEP server.
  2. The server tries to process this data item as part of the data collection job (FEP_GetNewData_FEPDW_xyz).
  3. During data item processing, the job sees that this data item is malformed and ignores it.
  4. After processing completes, the data collection job (FEP_GetNewData_FEPDW_xyz) looks to see if any data items were malformed, and if so, it fails the job.


  • Malformed data items are lost (they don’t get processed); all properly-formed data items are processed.
  • You may experience a small performance impact during the data collection job (FEP_GetNewData_FEPDW_xyz) due to the handling of malformed data items.
  • The data collection job (FEP_GetNewData_FEPDW_xyz) appears as failed in the job history.
  • If the SQL Server Monitoring Management Pack is installed on your Operations Manager server, the data collection job (FEP_GetNewData_FEPDW_xyz) appears with an error.
  • If the Forefront Endpoint Protection Server Health Monitoring Management Pack is installed on your Operations Manager server, the FEP deployment appears as critical and an alert is issued.