Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1527215
Description of problem: The IPA client installer currently edits /etc/openldap/ldap.conf, setting up the client to consume LDAP data from IPA. It currently sets: URI BASE TLS_CACERT It really should also add: SASL_MECH GSSAPI TLS_REQCERT demand The IPA client installer assumes the client will only be speaking LDAP to IPA, so might as well secure that connection as much as possible by default.
Metadata Update from @rcritten: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1527215
Metadata Update from @rcritten: - Issue priority set to: important
PR:https://github.com/freeipa/freeipa/pull/1470
master:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
ipa-4-6:
Login to comment on this ticket.