3.5. Post-installation Considerations for Clients
3.5.1. Removing Pre-Identity Management Configuration
The
ipa-client-install
script does not remove any previous LDAP and SSSD configuration from the /etc/openldap/ldap.conf
and /etc/sssd/sssd.conf
files. If you modified the configuration in these files before installing the client, the script adds the new client values, but comments them out. For example:
BASE dc=example,dc=com URI ldap://ldap.example.com #URI ldaps://server.example.com # modified by IPA #BASE dc=ipa,dc=example,dc=com # modified by IPA
To apply the new Identity Management configuration values:
- Open
/etc/openldap/ldap.conf
and/etc/sssd/sssd.conf
. - Delete the previous configuration.
- Uncomment the new Identity Management configuration.
- Server processes that rely on system-wide LDAP configuration might require a restart to apply the changes. Applications that use
openldap
libraries typically import the configuration when started.