Scope: In-place upgrade of a single OpenDJ node installed via the official .deb. No topology or port changes.
Prerequisite: You already installed 4.9.4 following:
What this does (and doesn’t)
- Upgrades binaries and config to 4.10.2.
- Keeps your existing ports (e.g., LDAP 389).
- No HAProxy changes required.
- Stop and back up
We take a filesystem backup so rollback is one command.
# stop service (idempotent)
sudo systemctl stop opendj || sudo service opendj stop
# full backup; restores cleanly with -C /
sudo tar -czf /root/opendj-$(date +%F).tgz -C / opt/opendj
# sanity check
sudo tar -tzf /root/opendj-$(date +%F).tgz | head
- Install 4.10.2 package
cd /tmp
wget https://github.com/OpenIdentityPlatform/OpenDJ/releases/download/4.10.2/opendj_4.10.2-1_all.deb
sudo apt install -y ./opendj_4.10.2-1_all.deb
- The post-inst script stops OpenDJ, lays down new binaries, and runs the upgrader.
- If you want to re-run it manually (or non-interactive):
sudo /opt/opendj/upgrade --acceptLicense # add --no-prompt if desired
(If prompted about index rebuilds, accept.)
- Start and verify
sudo systemctl start opendj || sudo service opendj start
sudo /opt/opendj/bin/status \
--bindDN "cn=Directory Manager" \
--promptForBindPassword
You should see:
- Version:
OpenDJ Server 4.10.2 - Server Run Status:
Started - LDAP 389:
Enabled
Also confirm:
# package version
dpkg -l | grep opendj
# upgrade log tail (should end with success)
sudo tail -n 50 /opt/opendj/logs/upgrade.log
# server errors log for any repeating warnings
sudo tail -n 200 /opt/opendj/logs/errors