Consolidation of multiple Umbrella orgs to a single Umbrella org with multi-AD domain support does not include migration of the AnyConnect Roaming Security Module. This article details the steps to manually migrate the AnyConnect Roaming Security Module from one Umbrella org to another.
1. Download the AnyConnect Umbrella Roaming Security Module Profile file (OrgInfo.json) from the destination Umbrella org per the screenshot below.
2. For the source org, you will need to execute the following steps on each system running the AnyConnect Roaming Security Module.
For Windows systems:
- Stop the Roaming Client service if lockdown has not been selected at the time of install. This can be done by running the command 'net stop acumbrellaagent' on the command prompt. Alternately, from the GUI, Start, Run services.msc and run as administrator if not already elevated to admin. Then, find "Cisco AnyConnect Umbrella Roaming Security Agent" in the list and click the Stop button.
- Delete the entire C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Umbrella\data folder
- Delete the file C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Umbrella\OrgInfo.json
- Place the OrgInfo.json that you downloaded from the destination org to the C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Umbrella folder
- Delete /opt/cisco/anyconnect/umbrella/OrgInfo.json and the entire /opt/cisco/anyconnect/umbrella/data folder
- Place the OrgInfo.json that you downloaded from the destination org into /opt/cisco/anyconnect/umbrella or connect to the VPN connection pushing out the new OrgInfo.json Umbrella Roaming Profile
- Restart the entire anyconnect program by killing the processes or restart the computer