ro6a2 (ro6a2) asked a question.
We are seeking a rollback plan, should this upgrade not go well.
We have one OKTA AD Agent only.
https://help.okta.com/en-us/Content/Topics/Settings/Version_Histories/Ver_History_AD_Agent.htm
This document was reviewed and it was determined our current OKTA AD Agent is several (apx 7) versions behind.
https://help.okta.com/en-us/Content/Topics/Settings/Version_Histories/Ver_History_AD_Agent.htm
This guides one to perform the upgrade of the AD Agent.
This guides one also to remove the OKTA Ad agent if needed.
https://help.okta.com/en-us/Content/Topics/Directory/ad-agent-new-integration.htm
This guides one to perform a clean install.
So my question is basically about confirming if the approach is correct.
We would attempt the upgrade and hope all goes well.
If the upgrade is not successful, is it correct to remove the OKTA agent fully and then re-install from scratch?
Is it strongly advised to have a second OKTA agent just in case?
Thank you
Andy
Hi! Thanks for your question.
First, Okta does recommend that you maintain two or more Okta AD Agents for high availability and failover protection. You can learn more about that here: Install Multiple Okta Active Directory agents. I would definitely recommend that you do so.
Second, as for a rollback procedure, I would recommend you reference the below docs:
Update the Okta Active Directory Agent
If it does not work for whatever reason, please do simply uninstall and re-install for complete validation. Regardless, having two Okta AD Agents will ensure that if something does fail for whatever reason, you have time to recover the down server while continuing operations.
I hope that helps! Thanks!