Hi all,
We have a number of CentOS 7 hosts enrolled with FreeIPA, and I have noticed the ldap.conf
on some hosts has two separate URI lines, similar to this:
URI
ldaps://ipa.example.com
BASE dc=example,dc=com
TLS_CACERT /etc/ipa/ca.crt
URI
https://ipa.example.com
This caused our configuration management to complain about the URI value, because it is
listed twice.
Looking at the man page for ldap.conf, it indicates the URI should be LDAP(S), but for
some reason our older hosts have it set to HTTPS.
Should all FreeIPA hosts be using the same LDAPS URI value provided?
I can only assume the HTTPS URI is a legacy from the old version 3 FreeIPA install, as it
pre-dates me supporting it.
Cheers,
Dagan McGregor