rhel7: ipa-client-install modifies /etc/openldap/ldap.conf in a way which is unhandy for openldap-clients

Solution Unverified - Updated -

Issue

  • ipa-client-install modifies /etc/openldap/ldap.conf in a way which is unhandy for openldap-clients
  • Hash comment confuses ldapsearch; if IPA is installed, the original /etc/openldap/ldap.conf is modified by adding lines like:

    #TLS_CACERT /etc/ipa/ca.crt  # modified by IPA
    

It appears that removing the first hash but leaving "# modified by IPA" in place, the line is invalid and skipped when using ldapsearch.

Environment

  • Red Hat Enterprise Linux (RHEL) 7
  • IPA, IdM
  • ipa-client

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.