Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

3.5. Post-installation Considerations for Clients

3.5.1. Removing Pre-Identity Management Configuration

The ipa-client-install script does not remove any previous LDAP and SSSD configuration from the /etc/openldap/ldap.conf and /etc/sssd/sssd.conf files. If you modified the configuration in these files before installing the client, the script adds the new client values, but comments them out. For example:
BASE   dc=example,dc=com
URI    ldap://

#URI ldaps:// # modified by IPA
#BASE dc=ipa,dc=example,dc=com # modified by IPA
To apply the new Identity Management configuration values:
  1. Open /etc/openldap/ldap.conf and /etc/sssd/sssd.conf.
  2. Delete the previous configuration.
  3. Uncomment the new Identity Management configuration.
  4. Server processes that rely on system-wide LDAP configuration might require a restart to apply the changes. Applications that use openldap libraries typically import the configuration when started.