Begin the maintenance.
Disable monitoring system notifications.
(If you use hot snapshots, make one.)
Make sure no user or external application can access the IdM.
Log into the IdM as administrator and check if there are some LRTs running.
If they are not, continue.
If they are, either stop those LRTs or let them finish. This depends on your deployment.
Stop the IdM.
Disable automatic start of the IdM on
OS start.
(If you use cold snapshots, turn off the machine and make one.)
(If you do not use snapshots, make a backup of the IdM database and store it off-machine.)
Make backup of ``/boot``, ``/etc``, list of processes ``ps -ef`` and list of network services ``netstat -tulnp`` (or ``ss -tulnp``). Those dumps will help you check if all the services started. You can also recover some settings from backups in case something goes wrong (in a minor way) - you will not need to roll back whole snapshot.
Perform the update (e.g. ``yum update``).
YMMV depending on the packages being updated. Also when upgrading PostgreSQL, there are additional steps you have to perform.
Restart affected services or reboot the whole machine if necessary.
When the machine is up, check ``dmesg`` and ``/var/log/{messages,syslog}`` or analogous files for your
OS.
Check running processes and network services whether everything started properly.
Namely PostgreSQL and HTTPd should be up and running. Those are parts of IdM deployment.
If everything is ok, start the IdM service.
Check IdM logs whether it started successfuly.
Log into the IdM and test connection to end systems (configuration form for the system, green button "Test connector").
Check your testing use-cases.
Enable autostart of IdM service upon
OS start.
(If there were changes to the database (e.g. PostgreSQL major version upgrade), make a backup of the upgraded database.)
Allow users to access the IdM.
Enable monitoring system notifications.
End the maintenance.