Dagan McGregor via FreeIPA-users wrote:
> Hi all,
> 
> We have a number of CentOS 7 hosts enrolled with FreeIPA, and I have noticed 
> the ldap.conf on some hosts has two separate URI lines, similar to this:
> 
> URI ldaps://ipa.example.com
> BASE dc=example,dc=com
> TLS_CACERT /etc/ipa/ca.crt
> URI https://ipa.example.com
> 
> This caused our configuration management to complain about the URI value, 
> because it is listed twice. 
> 
> Looking at the man page for ldap.conf, it indicates the URI should be 
> LDAP(S), but for some reason our older hosts have it set to HTTPS.
> 
> Should all FreeIPA hosts be using the same LDAPS URI value provided? 
> 
> I can only assume the HTTPS URI is a legacy from the old version 3 FreeIPA 
> install, as it pre-dates me supporting it. 

It wasn't IPA that added that line. Something, or someone, added it
post-install.

rob
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to