Red Hat Training

A Red Hat training course is available for RHEL 8

Chapter 12. Updating and downgrading IdM

12.1. Updating IdM packages

You can use the yum utility to update the Identity Management (IdM) packages on the system.



  • Select one of the following options:

    • To update all IdM packages that are relevant for your profile and that have updates available:

      # yum upgrade ipa-*
    • To install or update packages to match the latest version available for your profile from any enabled repository:

      # yum distro-sync ipa-*

After you update the IdM packages on at least one server, all other servers in the topology receive the updated schema, even if you do not update their packages. This ensures that any new entries which use the new schema can be replicated among the other servers.


When updating multiple IdM servers, wait at least 10 minutes after updating one server before updating another server. However, the actual time required for a server’s successful update depends on the topology deployed, the latency of the connections, and the number of changes generated by the update.

When two or more servers are updated simultaneously or with only short intervals between the upgrades, there is not enough time to replicate the post-upgrade data changes throughout the topology, which can result in conflicting replication events.


Red Hat recommends upgrading to the next version only. For example, if you want to upgrade to IdM for RHEL 8.8, we recommend upgrading from IdM for RHEL 8.7. Upgrading from earlier versions can cause problems.

12.2. Downgrading IdM packages

Red Hat does not support downgrading Identity Management.

12.3. Additional resources

  • yum(8) man page