Hi all,

We have a number of CentOS 7 hosts enrolled with FreeIPA, and I have noticed 
the ldap.conf on some hosts has two separate URI lines, similar to this:

URI ldaps://ipa.example.com
BASE dc=example,dc=com
TLS_CACERT /etc/ipa/ca.crt
URI https://ipa.example.com

This caused our configuration management to complain about the URI value, 
because it is listed twice. 

Looking at the man page for ldap.conf, it indicates the URI should be LDAP(S), 
but for some reason our older hosts have it set to HTTPS.

Should all FreeIPA hosts be using the same LDAPS URI value provided? 

I can only assume the HTTPS URI is a legacy from the old version 3 FreeIPA 
install, as it pre-dates me supporting it. 

Dagan McGregor 
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to