03-14-2017 11:19 AM - edited 03-11-2019 12:32 AM
We have a global environment with 3 x ACS 5.7 servers running the base patch. We've run into issues where a domain controller will go down and cause AD related authentication to fail for that region. Once the AD server is back up, all is good again. I understand there are better additional health checks in 5.8, so my goal is to get to the latest 5.8 revision. Reading the documentation on upgrading 5.7 -> 5.8+ is fairly well documented and should be able to follow the details of moving logging servers and backing up, upgrading and restoring etc. My question, what precautions do I need to make for just patching from 5.7 patch 1 -> latest 5.7 patch.
I understand that the patched device will restart the services, which would case some authentications to fail during that time, but should I go through the whole process taking the patched server out of the cluster and all that? Does it make sense to upgrade the secondary servers prior to the primary?
Thanks!
Solved! Go to Solution.
03-15-2017 07:36 AM
Jeff.
You better off to patch secondaries first and then patch the primary ACS. You may to schedule your patching procedure in a way that you patching one ACS at a time - letting it restart and recover. At this time your devices will fail over to another ACS instance. After patched ACS will resume service you can work on another ACS in the deployment.
03-15-2017 07:36 AM
Jeff.
You better off to patch secondaries first and then patch the primary ACS. You may to schedule your patching procedure in a way that you patching one ACS at a time - letting it restart and recover. At this time your devices will fail over to another ACS instance. After patched ACS will resume service you can work on another ACS in the deployment.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide