Red Hat Summit Red Hat SummitSuporteConsoleDesenvolvedoresComeçar um testeContato

Este conteúdo não está disponível no idioma selecionado.

Chapter 8. Updating and Migrating Identity Management

8.1. Updating Identity Management

You can use the yum utility to update the Identity Management packages on the system.
Warning
Before installing an update, make sure you have applied all previously released errata relevant to the RHEL system. For more information, see the How do I apply package updates to my RHEL system? KCS article.
Additionally, if a new minor Red Hat Enterprise Linux version is available, such as 7.3, yum upgrades the Identity Management server or client to this version.
Note
This section does not describe migrating Identity Management from Red Hat Enterprise Linux 6 to Red Hat Enterprise Linux 7. If you want to migrate, see Section 8.2, “Migrating Identity Management from Red Hat Enterprise Linux 6 to Version 7”.

8.1.1. Considerations for Updating Identity Management

  • After you update the Identity Management packages on at least one server, all other servers in the topology receive the updated schema, even if you do not update their packages. This ensures that any new entries which use the new schema can be replicated among the other servers.
  • Downgrading Identity Management packages is not supported.
    Important
    Do not run the yum downgrade command on any of the ipa-* packages.
  • Red Hat recommends upgrading to the next version only. For example, if you want to upgrade to Identity Management for Red Hat Enterprise Linux 7.4, we recommend upgrading from Identity Management for Red Hat Enterprise Linux 7.3. Upgrading from earlier versions can cause problems.

8.1.2. Using yum to Update the Identity Management Packages

To update all Identity Management packages on a server or client: 
# yum update ipa-*
Warning
When upgrading multiple Identity Management servers, wait at least 10 minutes between each upgrade.
When two or more servers are upgraded simultaneously or with only short intervals between the upgrades, there is not enough time to replicate the post-upgrade data changes throughout the topology, which can result in conflicting replication events.

Related Information

  • For details on using the yum utility, see Yum in the System Administrator's Guide.
Important
Due to CVE-2014-3566, the Secure Socket Layer version 3 (SSLv3) protocol needs to be disabled in the mod_nss module. You can ensure that by following these steps:
  1. Edit the /etc/httpd/conf.d/nss.conf file and set the NSSProtocol parameter to TLSv1.0 (for backward compatibility), TLSv1.1, and TLSv1.2. 
    NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2
  2. Restart the httpd service. 
    # systemctl restart httpd.service
Note that Identity Management in Red Hat Enterprise Linux 7 automatically performs the above steps when the yum update ipa-* command is launched to upgrade the main packages.
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Experimente, compre e venda

Comunidades

Sobre a documentação da Red Hat

Ajudamos os usuários da Red Hat a inovar e atingir seus objetivos com nossos produtos e serviços com conteúdo em que podem confiar.

Tornando o open source mais inclusivo

A Red Hat está comprometida em substituir a linguagem problemática em nosso código, documentação e propriedades da web. Para mais detalhes veja oBlog da Red Hat.

Sobre a Red Hat

Fornecemos soluções robustas que facilitam o trabalho das empresas em plataformas e ambientes, desde o data center principal até a borda da rede.

© 2024 Red Hat, Inc.