I had an existing ldap configuration:
[domain/default] auth_provider = ldap cache_credentials = True ldap_search_base = dc=XXX,dc=com ldap_autofs_search_base = dc=YYY,dc=XXX,dc=com id_provider = ldap ldap_id_use_start_tls = True chpass_provider = ldap ldap_chpass_uri = ldap://YYY.XXX.com/ ldap_uri = ldap://YYY.XXX.com/,ldap://YYY.XXX.com/ ldap_tls_cacertdir = /etc/openldap/cacerts ldap_account_expire_policy = 389ds
ran:
/usr/sbin/ipa-client-install --domain=XXX.com --realm=XXX.COM --preserve-sssd --noac --no-sudo --no-sshd --no-ssh --no-nisdomain --no-ntp --unattended
The new sssd.conf file was missing the ldap_autofs_search_base and ldap_account_expire_policy entries from the previous default domain config.
version ipa-client-3.0.0-50.el6.1.x86_64. I cannot reproduce with ipa-client-4.2.0-15.sl7_2.17.x86_64. Feel free to close if 3.0 is no longer being updated, just filed for completeness.
Thank you for report, but IPA 3.x is not under active development anymore, closing as wontfix.
(This is not reproducible on IPA 4.2+)
Metadata Update from @orion: - Issue assigned to someone - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Login to comment on this ticket.