×

Restoring Thycotic Secret Server From a Backup

Restoring The Application 

  • Extract your backup zip file of Secret Server application directory, or copy the files from your other backup location, to the physical file path that your virtual directory is pointing to.
  • If you have configured encryption of your encryption.config using EFS or DPAPI, you will need to replace the file from the backup with the unencrypted one.
  • Check that FIPS mode is not enabled on the server to avoid an error during the process.

Restoring the SQL Server Database

(Option 1 – If your database and Secret Server installation are in the same locations use these steps )

  • Open SQL Server Management Studio and connect.
  • Right click Databases and click Restore Database.
  • In the To database text box Enter the database name or select it from the drop down list.
  • Select the from device radio button and browse to your database backup file.
  • In the Restore Database window options make sure the Force Restore over Existing Database Check box is checked.
  • Click Ok.

If you get an error saying that Management Studio was unable to get exclusive access to the Database:

  • Right click on the Secret Server database and go to Properties.
  • At the very bottom change the Restrict Access property to “SINGLE_USER”.  This will close all other connections to the Secret Server database.
  • Re-attempt the restore.

Disable Force SSL if there is no certificate installed on the server you are restoring to

  • In SQL Server Management Studio, expand the Databases and select the database for Secret Server.
  • Select ‘New Query’ at on the menu bar to open a query pane.
  • Copy the following command: UPDATE [dbo].[tbConfiguration] SET ForceHttps = 0 in to the query pane and then click ‘Execute’ on the menu bar.
  • After the query executed successfully, restart Internet Information Server (IIS) by running “iisreset” from the command line.

If you are prompted for database credentials when accessing Secret Server and are unable to re-connect you may need to remap the user.

  • Expand the Security->Users folder under the Secret Server database.
  • Remove the user that Secret Server will use to access the database.
  • Expand the Security->Logins folder under the SQL Server root.
  • Right click on the Login corresponding to Secret Server and select User Mappings, and re-map the Login to the Secret Server database.
  • Activate your licenses if required by going to the Licenses page.

Restoring the SQL Server Database

(Option 2 – If your database and or Secret Server installation are in different locations use these steps )

  • Delete the database.config file from the secretserver folder.
  • Restart Internet Information Server (IIS) by running “iisreset” from the command line.
  • Point your web browser to the new instance of Secret Server.  You will then be taken to the web installer (this is because the database.config file is missing and it thinks you haven’t installed yet)
  • Open SQL Server Management Studio and connect.
  • Right click Databases and click Restore Database.
  • In the To database text box Enter the database name.
  • Select the from device radio button and browse to your database backup file.
  • In the Restore Database window options make sure the Force Restore over Existing Database Check box is checked.
  • Click Ok.

If you get an error saying that Management Studio was unable to get exclusive access to the Database:

  • Right click on the Secret Server database and go to Properties.
  • At the very bottom change the Restrict Access property to “SINGLE_USER”.  This will close all other connections to the Secret Server database.
  • Re-attempt the restore.

Disabled “Force SSL” if enabled in the new database and the certificate is not setup for the new server

  • In SQL Server Management Studio run the following command: UPDATE [dbo].[tbConfiguration] SET ForceHttps = 0
  • Go through the web installer to step 3
  • On step 3 enter the new database credentials (new server location, username, password)

If you are unable to re-connect you may need to remap the user.

  • Expand the Security->Users folder under the Secret Server database.
  • Remove the user that Secret Server will use to access the database.
  • Expand the Security->Logins folder under the SQL Server root.
  • Right click on the Login corresponding to Secret Server and select User Mappings, and re-map the Login to the Secret Server database.
  • Once past step 3, you are done – simply go to the home.aspx page (click the Secret Server logo)
    There is no need to go any further with the install/upgrade since the database.config has now been recreated with the new information.
  • Activate your licenses if required by going to the Licenses page.

For more information and general guidance on our products & services, please contact us.

Require further support?

Search all Knowledgebase articles

Send a Support Request to The Idency Support Team

thycotic backupsecret sever backuprestoresecret serverthycoticthycotic secret server

Related Products

Thycotic Secret Server Cloud
More Details
Thycotic Secret Server On-Premise
More Details

In good company: some of Idency's clients