Hello Florence, all
I have also only update ipa-*, but i have same Error. Its appears that
unable to unlink the port 8433 TCPV6 by pki-tomcat used by FreeIPA. Im
actually blocked with this minor update.
....
[Ensurung CA is using LDAPProfileSubsustem)
[Migration certificat profiles to LDAP]
IPA server upgrade failed : Inspect /var/log/ipaupgrade.log and run command
ipa-upgrade manually. Unexpected error - see /var/log/ipaupgrade.log for
details:
AttributeError: locked cannot see ra_certprofile.override_port to 8443
ipa: DEBUG : File
/usr/lib/python2.7/site-packages/ipaserver/install/installutils.py at line
1015, in run_script
return_value = main_function ()
File /usr/sbin/ipactl, line 598, in main
ipa_start (options)
File /usr/sbin/ipactl, line 288, in main
version_check ()
File /usr/sbin/ipactl, line161, in version_ckeck
raise IpactlError ("Abording ipactl")
Regard
Karim
Le lun. 8 juin 2020 à 08:58, Florence Blanc-Renaud <f...@redhat.com> a
écrit :
> On 6/6/20 11:42 AM, Karim Bourenane via FreeIPA-users wrote:
> > Hello Team
> >
> > I have some questions :
> > 1°) I need your help, to find the better way to upgrade my 3 servers
> > linked (replicat).
> > I want to upgrade servers from CentOS 7.6 to CentOS7.7 with update in
> > same time the IPAServer (or separately ?)
>
> Hi,
>
> in order to upgrade each server from centOS 7.6 to CentOS 7.7, you need
> to run "yum update".
> This command will also update ipa-* packages and internally call
> ipa-server-upgrade, meaning you don't need to manually call
> ipa-server-upgrade.
> Please find more information in "Updating Identity Management" [1].
>
> For multiple servers upgrade, keep in mind that the upgrade needs to be
> done sequentially, i.e upgrade server 1, wait a few minutes for
> replication to propagate changes, upgrade server 2, etc...
>
> HTH,
> flo
>
> [1]
>
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/updating-migrating#update-ipa
>
> >
> > After searching on Freeipa.org and other site, i find :
> > #ipactl stop
> > #ipa-server-upgrade
> > #ipactl start
> >
> > I not need to delete first the replication link before ?
> > What is the better solution ways ?
> >
> > 2°) Is not better to migrate my IPAServers's to 4.7 or 4.8 version ?
> > Or i need steps too ?
> >
> > Thanks you for your help
> >
> > Best Regard
> > Bien à vous
> > Mr Karim Bourenane
> > +33686464439
> > +32 493 86 63 54
> >
> > _______________________________________________
> > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> > To unsubscribe send an email to
> freeipa-users-le...@lists.fedorahosted.org
> > Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> > List Archives:
> https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
> >
>
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
