Dagan McGregor via FreeIPA-users wrote: > Hi all, > > We have a number of CentOS 7 hosts enrolled with FreeIPA, and I have noticed > the ldap.conf on some hosts has two separate URI lines, similar to this: > > URI ldaps://ipa.example.com > BASE dc=example,dc=com > TLS_CACERT /etc/ipa/ca.crt > URI https://ipa.example.com > > This caused our configuration management to complain about the URI value, > because it is listed twice. > > Looking at the man page for ldap.conf, it indicates the URI should be > LDAP(S), but for some reason our older hosts have it set to HTTPS. > > Should all FreeIPA hosts be using the same LDAPS URI value provided? > > I can only assume the HTTPS URI is a legacy from the old version 3 FreeIPA > install, as it pre-dates me supporting it.
It wasn't IPA that added that line. Something, or someone, added it post-install. rob _______________________________________________ FreeIPA-users mailing list -- firstname.lastname@example.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org