Eric Scholwin via FreeIPA-users wrote:
> I was wondering if anyone noticed while installing FreeIPA on any of their 
> machines, whether or not their SELinux Booleans were affected? I installed 
> this in a test environment and nothing broke. However, when installed in my 
> production environment, an important SEBoolean was changed:
> "authlogin_nsswitch_use_ldap --> on" 
> This particular boolean was changed to off, breaking logins for an 
> application running on the server that required connecting to an ldap server.
> i've figured out what broke, now I'm just trying to figure out what caused it 
> to change. Is this something FreeIPA would normally change? I only ask 
> because I've installed this on about 30 systems and only this one was 
> affected, but ldap also isn't used on many of the other servers. Any insight 
> would be appreciated.

It is likely authconfig making the change.

I don't believe ipa-client-install explicitly disables ldap so I'm
guessing authconfig is doing it when it enables sssd and sssdauth.

FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to