During replica promotion, configure_openldap_conf updates /etc/openldap/ldap.conf. It adds something like:
URI ldaps://<master-fqdn> BASE <suffix> TLS_CACERT /etc/ipa/ca.crt
A side effect is that openldap tools (like ldapsearch) will access <master-fqdn> if the hostname is not specified in the command line.
This is a change of behavior, where before replica promotion the URI in ldap.conf was the one of the replica. With replica promotion, the URI is the one of the master
Not a blocker for 4.3 release.
master:
ipa-4-3:
Metadata Update from @tbordaz: - Issue assigned to mbabinsk - Issue set to the milestone: FreeIPA 4.3.1
Login to comment on this ticket.