After installing a BSUS update, you might be required to restart the BSUS app. When a BSUS update is ready to be finalized, BSUS displays a red banner at the top of the screen warning you that BSUS needs to restart. To do so, click the Update button in the banner. The restart and final installation should take only a couple of seconds.
Some of the changes in the latest versions require additional actions after the update is installed. If you're updating the BlueCat Server Update Services app itself from a version prior to the listed version, you may need to perform additional setup or configuration.
Update BSUS on BDDS servers
(Applies to: any update to BSUS)
- Go to the main BSUS dashboard (click Dashboard), then click the batch name for each of the Server Batches in the Server Batch table you work with.
-
Within each tab, a DNS server that needs to be updated with a new BSUS version will be tagged with an arrow and red circle ().
To update a server, click its red arrow.
Add ELASTIC_PASSWORD to environment (.env) settings
(Applies to updates to BSUS v22.1 or greater)
The BSUS database can now be password-protected for greater security. After you
update the BSUS app, within the BSUS .env
file, make sure that you
specify the password for your search database.
.env
file: ELASTIC_PASSWORD=ChangeMe
where ChangeMe
is your chosen password for the search database.
.env
file, the search
database will be unprotected. If no password is set on the database, BSUS will
set the database password the first time it sees the
ELASTIC_PASSWORD
setting in the .env
file.
If the database is already password-protected, BSUS will attempt to use
the password specified in ELASTIC_PASSWORD
. Therefore,
after adding ELASTIC_PASSWORD
to the .env
file, do not change it again.
DB_PASSWORD
. When
updating to the new version of BSUS, change DB_PASSWORD
to
ELASTIC_PASSWORD
.Set up Address Manager to support BSUS access rights
(Applies to updates to BSUS v23.1 or greater)
You can now configure access rights for BSUS features and functionality, restricting access to features specific Address Manager user groups and allowing specific user groups access to specific BSUS Server Batches. This feature requires some initial setup during and immediately after installation.
During installation, you must specify an Address Manager user group as the BSUS Administrator group with the
BSUS_ADMIN_GROUP
in the.env
file. Members of this group have access to BSUS features and functionality and can add, modify, and delete all BSUS Server Batches.or more details on BSUS Access Right Settings, see Managing BSUS Access Rights in the BlueCat Server Update Services Guide.
You must set up a user-defined field named BsusPermission in Address Manager, where BSUS will store and track BSUS access rights for each user group.
For more details, see Setting up the BsusPermission UDF in Address Manager.
Configure BSUS for TLS 1.2 encryption
(Applies to updates from versions prior to BSUS v22.1)
As of version 22.1, BSUS will use TLS (Transport Layer Security) 1.2 encryption when communicating with BDDS servers and optionally between BSUS docker containers. These communications require the use of security certificates. They also require an additional port (10046) to be opened between BSUS and the BDDS servers it manages.
For more details on setting up TLS encryption for BSUS and the BDDS servers, see Configuring BSUS for TLS encryption.